Re: [PATCH] libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127
- From: Jeff Garzik <jeff@xxxxxxxxxx>
- Date: Tue, 11 Nov 2008 03:02:14 -0500
Roland Dreier wrote:
Phillip O'Donnell <phillip.odonnell@xxxxxxxxx> pointed out that the same
sign extension bug that was fixed in commit ba14a9c2 ("libata: Avoid
overflow in ata_tf_to_lba48() when tf->hba_lbal > 127") also appears to
exist in ata_tf_read_block(). Fix this by adding a cast to u64.
Signed-off-by: Roland Dreier <rolandd@xxxxxxxxx>
---
I don't have any way to test this -- I guess you would have to get an
error on a block above 2G (ie data above 1TB)? But it looks "obviously
correct" enough to add to -next I guess.
drivers/ata/libata-core.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
index 622350d..a6ad862 100644
--- a/drivers/ata/libata-core.c
+++ b/drivers/ata/libata-core.c
@@ -612,7 +612,7 @@ u64 ata_tf_read_block(struct ata_taskfile *tf, struct ata_device *dev)
if (tf->flags & ATA_TFLAG_LBA48) {
block |= (u64)tf->hob_lbah << 40;
block |= (u64)tf->hob_lbam << 32;
- block |= tf->hob_lbal << 24;
+ block |= (u64)tf->hob_lbal << 24;
} else
block |= (tf->device & 0xf) << 24;
applied
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- References:
- [PATCH] libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127
- From: Roland Dreier
- [PATCH] libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127
- Prev by Date: Re: i82875p_edac: BAR 0 collision
- Next by Date: Re: [PATCH 2/6] /drivers/ata/pata_cs553*.c: cleanup kerneldoc
- Previous by thread: Re: [PATCH] libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127
- Next by thread: [RFC] [PATCH] Loaded driver modalias
- Index(es):
Relevant Pages
|
