On Wed, Jun 05, 2013 at 10:05:16PM -0400, Sean MacLennan wrote:
> Cleanup the rt_stats structure. Many of the fields where unused and a
> lot of the fields where set but never referenced.
> 
> Removing all the statistics reduced cmpk_handle_interrupt_status to
> just setting bibsscoordinator... which was then never referenced.
> Remove the function and bibsscoordinator.
> 

There are a lot of ways this patch could have been broken into
smaller patches, but especially this bit:

> @@ -329,10 +161,8 @@ u32 cmpk_message_handle_rx(struct net_device *dev,
>  
>       pcmd_buff = pstats->virtual_address;
>  
> -     element_id = pcmd_buff[0];
> -
> -     while (total_length > 0 || exe_cnt++ > 100) {
> -             element_id = pcmd_buff[0];
> +     while (total_length > 0 && exe_cnt++ < 100) {
> +             u8 element_id = pcmd_buff[0];
>  
>               switch (element_id) {
>               case RX_TX_FEEDBACK:

When I see a buffer overflow like that in an _rx() function it makes
me go all "tsk tsk".

regards,
dan carpenter
_______________________________________________
devel mailing list
devel@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/devel

Reply via email to