From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ducrot Bruno Subject: Re: [buggy index field handling] [patch] Date: Tue, 23 Sep 2003 20:13:52 +0200 Sender: acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org Message-ID: <20030923181352.GS11391@poupinou.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: Errors-To: acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org List-Help: List-Post: List-Subscribe: , List-Unsubscribe: , List-Archive: To: "Moore, Robert" Cc: "Grover, Andrew" , acpi-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org, Robert Vollmert , Mads Paulin List-Id: linux-acpi@vger.kernel.org On Tue, Sep 23, 2003 at 10:27:52AM -0700, Moore, Robert wrote: > Is this the final patch? If so, we will integrate it into the ACPI CA > core > Bob > > > -----Original Message----- > From: acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org > [mailto:acpi-devel-admin-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org] On Behalf Of Ducrot > Bruno > Sent: Monday, September 22, 2003 10:19 AM > To: Grover, Andrew > Cc: acpi-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org; Robert Vollmert; Mads Paulin > Subject: [ACPI] [buggy index field handling] [patch] > > Hi Andy, > > There is a funny bug in acpi/executer/exfldio.c::acpi_ex_field_datum_io > > When the field come from an indexed one, we read all the time from the > address obj_desc->index_field.value > Unfortunately, this is wrong, since the correct address is > obviously &obj_desc->index_field.value + field_datum_byte_offset I would like much you integrate Robert Vollmert version: it does overflow checking. Patch is from Robert Vollmert, but rediffed against 2.6.0-test5: --- linux-2.6.0-test5/drivers/acpi/executer/exfldio.c 2003/09/22 17:09:20 1.1 +++ linux-2.6.0-test5/drivers/acpi/executer/exfldio.c 2003/09/23 18:05:37 @@ -312,6 +312,7 @@ { acpi_status status; acpi_integer local_value; + acpi_integer index_field_value; ACPI_FUNCTION_TRACE_U32 ("ex_field_datum_io", field_datum_byte_offset); @@ -415,18 +416,22 @@ case ACPI_TYPE_LOCAL_INDEX_FIELD: + /* Compute index value to access the current datum */ + index_field_value = obj_desc->index_field.value + + field_datum_byte_offset; + /* Ensure that the index_value is not beyond the capacity of the register */ if (acpi_ex_register_overflow (obj_desc->index_field.index_obj, - (acpi_integer) obj_desc->index_field.value)) { + index_field_value)) { return_ACPI_STATUS (AE_AML_REGISTER_LIMIT); } /* Write the index value to the index_register (itself a region_field) */ status = acpi_ex_insert_into_field (obj_desc->index_field.index_obj, - &obj_desc->index_field.value, - sizeof (obj_desc->index_field.value)); + &index_field_value, + sizeof (index_field_value)); if (ACPI_FAILURE (status)) { return_ACPI_STATUS (status); } -- Ducrot Bruno -- Which is worse: ignorance or apathy? -- Don't know. Don't care. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf