• Akinobu Mita's avatar
    wusb: fix find_first_zero_bit() return value check · 962f3ffa
    Akinobu Mita authored
    In wusb_cluster_id_get(), if no zero bits exist in wusb_cluster_id_table,
    find_first_zero_bit() returns CLUSTER_IDS.
    
    But it is impossible to detect that the bitmap is full because there
    is an off-by-one error in the return value check.  It will cause
    unexpected memory access by setting bit out of wusb_cluster_id_table
    bitmap, and caller will get wrong cluster id.
    Signed-off-by: default avatarAkinobu Mita <akinobu.mita@gmail.com>
    Cc: linux-usb@vger.kernel.org
    Cc: Greg Kroah-Hartman <gregkh@suse.de>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
    962f3ffa
wusbhc.c 12.1 KB