op-kernel-dev - Development kernel branch for OpenPOWER systems

diff options

author	stephen hemminger <stephen@networkplumber.org>	2013-08-01 22:32:07 -0700
committer	David S. Miller <davem@davemloft.net>	2013-08-02 14:52:20 -0700
commit	cbd375567f7e4811b1c721f75ec519828ac6583f (patch)
tree	af09c22cc7ee9adb1d3758c07cd2ceabcc50b781 /fs/buffer.c
parent	787381415cf967c5d6d1d7c5b5bd893376945edd (diff)
download	op-kernel-dev-cbd375567f7e4811b1c721f75ec519828ac6583f.zip op-kernel-dev-cbd375567f7e4811b1c721f75ec519828ac6583f.tar.gz

htb: fix sign extension bug

When userspace passes a large priority value the assignment of the unsigned value hopt->prio to signed int cl->prio causes cl->prio to become negative and the comparison is with TC_HTB_NUMPRIO is always false. The result is that HTB crashes by referencing outside the array when processing packets. With this patch the large value wraps around like other values outside the normal range. See: https://bugzilla.kernel.org/show_bug.cgi?id=60669 Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'fs/buffer.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: