git.openpandora.org / pandora-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9f79bd) | patch
IB/ipath: ipath_skip_sge() can break if num_sge > 1
authorRalph Campbell <ralphc@pathscale.com>
Tue, 18 Jul 2006 01:21:24 +0000 (18:21 -0700)
committerRoland Dreier <rolandd@cisco.com>
Mon, 24 Jul 2006 16:18:07 +0000 (09:18 -0700)
commit16c59419a09f0140a07a1828d6a45656265e07c7
tree561234eaf2a32f143566f62ef660f1cac2b68ebftree | snapshot
parentc9f79bdc21da9c8d466b6ba7c8bbd6b8e0110ce2commit | diff
IB/ipath: ipath_skip_sge() can break if num_sge > 1

ipath_skip_sge() doesn't exactly duplicate the side effects of
ipath_copy_sge() if num_sge > 1 since it doesn't decrement ss->num_sge.
This could result in the sg_list being accessed out of bounds.
Since ipath_skip_sge() is almost always called with num_sge == 1,
the original "optimization" is almost never used.

Signed-off-by: Ralph Campbell <ralph.campbell@qlogic.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
drivers/infiniband/hw/ipath/ipath_verbs.c diff | blob | history
Pandora Kernel Repository