This backport is from linux kernel upstream commit: > commit 83d6f1f15f8cce844b0a131cbc63e444620e48b5 > Author: Arnd Bergmann <a...@arndb.de> > Date: Mon Mar 14 15:18:36 2016 +0100 > > ath9k: fix buffer overrun for ar9287 > > Code that was added back in 2.6.38 has an obvious overflow > when accessing a static array, and at the time it was added > only a code comment was put in front of it as a reminder > to have it reviewed properly. > > This has not happened, but gcc-6 now points to the specific > overflow: > > drivers/net/wireless/ath/ath9k/eeprom.c: In function > 'ath9k_hw_get_gain_boundaries_pdadcs': > drivers/net/wireless/ath/ath9k/eeprom.c:483:44: error: array subscript is > above array bounds [-Werror=array-bounds] > maxPwrT4[i] = data_9287[idxL].pwrPdg[i][4]; > ~~~~~~~~~~~~~~~~~~~~~~~~~^~~ > > It turns out that the correct array length exists in the local > 'intercepts' variable of this function, so we can just use that > instead of hardcoding '4', so this patch changes all three > instances to use that variable. The other two instances were > already correct, but it's more consistent this way. > > Signed-off-by: Arnd Bergmann <a...@arndb.de> > Fixes: 940cd2c12ebf ("ath9k_hw: merge the ar9287 version of > ath9k_hw_get_gain_boundaries_pdadcs") > Signed-off-by: David S. Miller <da...@davemloft.net> You can view, comment on, or merge this pull request online at:
https://github.com/ipxe/ipxe/pull/53 -- Commit Summary -- * ath9k: fix buffer overrun for ar9287 -- File Changes -- M src/drivers/net/ath/ath9k/ath9k_eeprom.c (7) -- Patch Links -- https://github.com/ipxe/ipxe/pull/53.patch https://github.com/ipxe/ipxe/pull/53.diff --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/ipxe/ipxe/pull/53
_______________________________________________ ipxe-devel mailing list ipxe-devel@lists.ipxe.org https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel