Skip to content

Commit

Permalink
powerpc: Fix corruption error in rh_alloc_fixed()
Browse files Browse the repository at this point in the history 
There is an error in rh_alloc_fixed() of the Remote Heap code:
If there is at least one free block blk won't be NULL at the end of the
search loop, so -ENOMEM won't be returned and the else branch of
"if (bs == s || be == e)" will be taken, corrupting the management
structures.

Signed-off-by: Guillaume Knispel <gknispel@proformatique.com>
Acked-by: Timur Tabi <timur@freescale.com>
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
  • Loading branch information
Guillaume Knispel authored and Kumar Gala committed Dec 17, 2008
1 parent 28707af commit af4d364
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions arch/powerpc/lib/rheap.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -556,6 +556,7 @@ unsigned long rh_alloc_fixed(rh_info_t * info, unsigned long start, int size, co
be = blk->start + blk->size;
if (s >= bs && e <= be)
break;
blk = NULL;
}

if (blk == NULL)
Expand Down

0 comments on commit af4d364

Please sign in to comment.