pstore: fix potential logic issue in pstore read interface

1) in the calling of erst_read, the parameter of buffer size maybe overflows and cause crash 2) the return value of erst_read should be checked more strictly Signed-off-by: Chen Gong <gong.chen@linux.intel.com> Signed-off-by: Tony Luck <tony.luck@intel.com>

pstore: fix potential logic issue in pstore read interface
1) in the calling of erst_read, the parameter of buffer size maybe overflows and cause crash 2) the return value of erst_read should be checked more strictly Signed-off-by: Chen Gong <gong.chen@linux.intel.com> Signed-off-by: Tony Luck <tony.luck@intel.com>
f5ec25de · Chen Gong · Tony Luck · 06cf91b4 · f5ec25de
Commit f5ec25de authored May 16, 2011 by Chen Gong Committed by Tony Luck May 16, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

drivers/acpi/apei/erst.c drivers/acpi/apei/erst.c +8 -1

No files found.
--- a/drivers/acpi/apei/erst.c
+++ b/drivers/acpi/apei/erst.c
@@ -1006,7 +1006,14 @@ static ssize_t erst_reader(u64 *id, enum pstore_type_id *type,
 	}

 	len = erst_read(record_id, &rcd->hdr, sizeof(*rcd) +
-			  erst_erange.size);
+			erst_info.bufsize);
+	/* The record may be cleared by others, try read next record */
+	if (len == -ENOENT)
+		goto skip;
+	else if (len < 0) {
+		rc = -1;
+		goto out;
+	}
 	if (uuid_le_cmp(rcd->hdr.creator_id, CPER_CREATOR_PSTORE) != 0)
 		goto skip;