On 2013年04月23日 08:31, Benjamin Herrenschmidt wrote: > On Thu, 2013-04-18 at 12:45 +0800, Chen Gang wrote: >> Hello Maintainers: >> >> >> in arch/powerpc/kernel/lparcfg.c, parse_system_parameter_string() >> >> need set '\0' for 'local_buffer'. >> >> the reason is: >> SPLPAR_MAXLENGTH is 1026, RTAS_DATA_BUF_SIZE is 4096 >> the contents of rtas_data_buf may truncated in memcpy (line 301). >> >> if contents are truncated. >> the splpar_strlen is more than 1026 (line 321) >> the while loop checking will not find the end of buffer (line 326) >> it will cause memory access violation. >> >> >> I find it by reading code, so please help check. > > And a signed-off-by please ? >
ok, thanks, I should send the related patch. -- Chen Gang Asianux Corporation -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/