| Message ID | alpine.LRH.2.02.1704141433280.10706@file01.intranet.prod.int.rdu2.redhat.com (mailing list archive) |
|---|---|
| State | Awaiting Upstream, archived |
| Headers | show |
On Friday, April 14, 2017 02:35:33 PM Mikulas Patocka wrote: > The parisc architecture recently reimplemented the memcpy function and > their reimplementation crashed when source and destination overlapped. > > The crash happened in the function ide_complete_cmd where memcpy is called > with the same source and destination pointer. According to the C > specification, memcpy behavior is undefined if the source and destination > range overlaps. This patches fixes the undefined behavior. > > Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Reviewed-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com> Best regards, -- Bartlomiej Zolnierkiewicz Samsung R&D Institute Poland Samsung Electronics -- To unsubscribe from this list: send the line "unsubscribe linux-parisc" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Mikulas Patocka <mpatocka@redhat.com> Date: Fri, 14 Apr 2017 14:35:33 -0400 (EDT) > The parisc architecture recently reimplemented the memcpy function and > their reimplementation crashed when source and destination overlapped. > > The crash happened in the function ide_complete_cmd where memcpy is called > with the same source and destination pointer. According to the C > specification, memcpy behavior is undefined if the source and destination > range overlaps. This patches fixes the undefined behavior. > > Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Applied. -- To unsubscribe from this list: send the line "unsubscribe linux-parisc" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Index: linux-4.11-rc6/drivers/ide/ide-io.c =================================================================== --- linux-4.11-rc6.orig/drivers/ide/ide-io.c +++ linux-4.11-rc6/drivers/ide/ide-io.c @@ -107,7 +107,7 @@ void ide_complete_cmd(ide_drive_t *drive if (cmd->tf_flags & IDE_TFLAG_DYN) kfree(orig_cmd); - else + else if (cmd != orig_cmd) memcpy(orig_cmd, cmd, sizeof(*cmd)); } }
The parisc architecture recently reimplemented the memcpy function and their reimplementation crashed when source and destination overlapped. The crash happened in the function ide_complete_cmd where memcpy is called with the same source and destination pointer. According to the C specification, memcpy behavior is undefined if the source and destination range overlaps. This patches fixes the undefined behavior. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> --- drivers/ide/ide-io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- To unsubscribe from this list: send the line "unsubscribe linux-parisc" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html