From 5701c0519b7a357a602fda5c96f26197ecfc4c85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= Date: Fri, 30 Jan 2009 20:21:09 -0800 Subject: Staging: android: ram_console: Disable ECC when early init is enabled and validate buffer size MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Arve Hjønnevåg Signed-off-by: Greg Kroah-Hartman --- drivers/staging/android/Kconfig | 1 + drivers/staging/android/ram_console.c | 14 ++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/drivers/staging/android/Kconfig b/drivers/staging/android/Kconfig index 6b996db0dd6..604bd1e0d54 100644 --- a/drivers/staging/android/Kconfig +++ b/drivers/staging/android/Kconfig @@ -27,6 +27,7 @@ menuconfig ANDROID_RAM_CONSOLE_ERROR_CORRECTION bool "Android RAM Console Enable error correction" default n depends on ANDROID_RAM_CONSOLE + depends on !ANDROID_RAM_CONSOLE_EARLY_INIT select REED_SOLOMON select REED_SOLOMON_ENC8 select REED_SOLOMON_DEC8 diff --git a/drivers/staging/android/ram_console.c b/drivers/staging/android/ram_console.c index bf006857a87..643ac5ce381 100644 --- a/drivers/staging/android/ram_console.c +++ b/drivers/staging/android/ram_console.c @@ -224,9 +224,23 @@ static int __init ram_console_init(struct ram_console_buffer *buffer, ram_console_buffer_size = buffer_size - sizeof(struct ram_console_buffer); + if (ram_console_buffer_size > buffer_size) { + pr_err("ram_console: buffer %p, invalid size %d, datasize %d\n", + buffer, buffer_size, ram_console_buffer_size); + return 0; + } + #ifdef CONFIG_ANDROID_RAM_CONSOLE_ERROR_CORRECTION ram_console_buffer_size -= (DIV_ROUND_UP(ram_console_buffer_size, ECC_BLOCK_SIZE) + 1) * ECC_SIZE; + + if (ram_console_buffer_size > buffer_size) { + pr_err("ram_console: buffer %p, invalid size %d, " + "non-ecc datasize %d\n", + buffer, buffer_size, ram_console_buffer_size); + return 0; + } + ram_console_par_buffer = buffer->data + ram_console_buffer_size; -- cgit v1.2.3