Hi Finn,
On Sun, Apr 1, 2018 at 3:41 AM, Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx> wrote:
In the floppy_find() function in swim.c is a call to
get_disk(swd->unit[drive].disk). The actual parameter to this call
can be a NULL pointer when drive == swd->floppy_count. This causes
an oops in get_disk().
Data read fault at 0x00000198 in Super Data (pc=0x1be5b6)
[...]
Fix the array index bounds check to avoid this.
Fixes: 8852ecd97488 ("[PATCH] m68k: mac - Add SWIM floppy support")
Cc: Laurent Vivier <lvivier@xxxxxxxxxx>
Cc: Jens Axboe <axboe@xxxxxxxxx>
Tested-by: Stan Johnson <userm57@xxxxxxxxx>
Signed-off-by: Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Looks like amiflop.c:find_floppy() needs a check, too?
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-m68k" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
