提交 af4d3643 编写于 作者: G Guillaume Knispel 提交者: Kumar Gala

powerpc: Fix corruption error in rh_alloc_fixed()

There is an error in rh_alloc_fixed() of the Remote Heap code:
If there is at least one free block blk won't be NULL at the end of the
search loop, so -ENOMEM won't be returned and the else branch of
"if (bs == s || be == e)" will be taken, corrupting the management
structures.
Signed-off-by: NGuillaume Knispel <gknispel@proformatique.com>
Acked-by: NTimur Tabi <timur@freescale.com>
Signed-off-by: NKumar Gala <galak@kernel.crashing.org>
上级 28707af0
...@@ -556,6 +556,7 @@ unsigned long rh_alloc_fixed(rh_info_t * info, unsigned long start, int size, co ...@@ -556,6 +556,7 @@ unsigned long rh_alloc_fixed(rh_info_t * info, unsigned long start, int size, co
be = blk->start + blk->size; be = blk->start + blk->size;
if (s >= bs && e <= be) if (s >= bs && e <= be)
break; break;
blk = NULL;
} }
if (blk == NULL) if (blk == NULL)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册