[PATCH] PCI: correctly allocate return buffers for osc calls
The OSC set and query functions do not allocate enough space for return values, and set the output buffer length to a false, too large value. This causes the acpi-ca code to assume that the output buffer is larger than it actually is, and overwrite memory when copying acpi return buffers into this caller provided buffer. In some cases this can cause kernel oops if the memory that is overwritten is a pointer. This patch will change these calls to use a dynamically allocated output buffer, thus allowing the acpi-ca code to decide how much space is needed. Signed-off-by: Kristen Carlson Accardi <kristen.c.accardi@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Showing
Please register or sign in to comment