On 19 December 2015 at 10:23, Rabin Vincent <rabin@xxxxxx> wrote:
> On Fri, Dec 18, 2015 at 01:59:13PM -0700, Mathieu Poirier wrote:
>> +static void etb_update_buffer(struct coresight_device *csdev,
>> + struct perf_output_handle *handle,
>> + void *sink_config)
>> +{
>> + int i, cur;
>> + u32 *buf_ptr;
>
> ...
>
>> + for (i = 0; i < to_read; i += 4) {
>> + buf_ptr = buf->data_pages[cur] + offset;
>> + read_data = readl_relaxed(drvdata->base +
>> + ETB_RAM_READ_DATA_REG);
>> + *buf_ptr++ = read_data >> 0;
>> + *buf_ptr++ = read_data >> 8;
>> + *buf_ptr++ = read_data >> 16;
>> + *buf_ptr++ = read_data >> 24;
>
> buf_ptr should either be changed to a u8* or just the first write should
> be present. Otherwise this overwrites lots of memory.
Good catch!
>
>> +
>> + offset += 4;
>> + if (offset >= PAGE_SIZE) {
--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
