firewire: core: increase stack size of config ROM reader

The stack size of 16 was artificially chosen and may be too small in extreme cases. A device won't be accessible then. Since it doesn't really matter to the slab allocator whether we ask for 1088 bytes or 2048 bytes of scratch memory, just allocate 2048 bytes for the sum of temporary config ROM image and stack, and we will never ever overflow the stack (because there simply can't be more stack items than ROM entries). Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
git-mirror · Feb 24, 2010 · 58aaa54 · 58aaa54
1 parent 2799d5c
commit 58aaa54
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/drivers/firewire/core-device.c b/drivers/firewire/core-device.c
@@ -493,7 +493,6 @@ static int read_rom(struct fw_device *device,
 }
 
 #define READ_BIB_ROM_SIZE	256
-#define READ_BIB_STACK_SIZE	16
 
 /*
  * Read the bus info block, perform a speed probe, and read all of the rest of
@@ -510,7 +509,7 @@ static int read_bus_info_block(struct fw_device *device, int generation)
 	int i, end, length, ret = -1;
 
 	rom = kmalloc(sizeof(*rom) * READ_BIB_ROM_SIZE +
-		      sizeof(*stack) * READ_BIB_STACK_SIZE, GFP_KERNEL);
+		      sizeof(*stack) * READ_BIB_ROM_SIZE, GFP_KERNEL);
 	if (rom == NULL)
 		return -ENOMEM;
 
@@ -612,8 +611,7 @@ static int read_bus_info_block(struct fw_device *device, int generation)
 			    RCODE_COMPLETE)
 				goto out;
 
-			if ((key >> 30) != 3 || (rom[i] >> 30) < 2 ||
-			    sp >= READ_BIB_STACK_SIZE)
+			if ((key >> 30) != 3 || (rom[i] >> 30) < 2)
 				continue;
 			/*
 			 * Offset points outside the ROM.  May be a firmware