* [PATCH] Fix LAPB windowsize check
@ 2006-08-04 11:41 Diego Calleja
2006-08-06 3:56 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: Diego Calleja @ 2006-08-04 11:41 UTC (permalink / raw)
To: netdev
In bug #6954, Norbert Reinartz reported the following issue:
"Function lapb_setparms() in file net/lapb/lapb_iface.c checks if the given
parameters are valid. If the given window size is in the range of 8 .. 127,
lapb_setparms() fails and returns an error value of LAPB_INVALUE, even if bit
LAPB_EXTENDED in parms->mode is set.
If bit LAPB_EXTENDED in parms->mode is set and the window size is in the range
of 8 .. 127, the first check "(parms->mode & LAPB_EXTENDED)" results true and
the second check "(parms->window < 1 || parms->window > 127)" results false.
Both checks in conjunction result to false, thus the third check "(parms->window
< 1 || parms->window > 7)" is done by fault.
This third check results true, so that we leave lapb_setparms() by 'goto out_put'.
Seems that this bug doesn't cause any problems, because lapb_setparms() isn't
used to change the default values of LAPB. We are using kernel lapb in our
software project and also change the default parameters of lapb, so we found
this bug"
He also pasted a fix, which I've transformed into a patch:
Signed-off-by: Diego Calleja <diegocg@gmail.com>
Index: 2.6/net/lapb/lapb_iface.c
===================================================================
--- 2.6.orig/net/lapb/lapb_iface.c 2006-08-03 18:40:13.000000000 +0200
+++ 2.6/net/lapb/lapb_iface.c 2006-08-03 18:44:37.000000000 +0200
@@ -238,10 +238,13 @@
goto out_put;
if (lapb->state == LAPB_STATE_0) {
- if (((parms->mode & LAPB_EXTENDED) &&
- (parms->window < 1 || parms->window > 127)) ||
- (parms->window < 1 || parms->window > 7))
- goto out_put;
+ if (parms->mode & LAPB_EXTENDED) {
+ if (parms->window < 1 || parms->window > 127)
+ goto out_put;
+ }
+ else {
+ if (parms->window < 1 || parms->window > 7)
+ goto out_put;
lapb->mode = parms->mode;
lapb->window = parms->window;
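Review bot: the `else {` opened in the added lines is never closed in the lines shown. The additions end at the second `goto out_put;` and the next line is the unchanged `lapb->mode = parms->mode;`, so as posted the two assignments land inside the else branch and the braces of the enclosing `if (lapb->state == LAPB_STATE_0) {` no longer balance. Add a `}` after the second `goto out_put;`. As a style point, kernel coding style puts the closing brace and the else on one line, `} else {`. The two range checks could also be collapsed by choosing the upper bound (127 or 7) from `parms->mode & LAPB_EXTENDED` and testing `parms->window` once.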
^ permalink raw reply [flat|nested] 2+ messages in thread
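The logic error described in the bug report, as an added example that is not code from this thread or from the kernel: it puts the removed condition beside the mode-dependent check and counts the window values on which they disagree. `EX_LAPB_EXTENDED` and its value, the unsigned parameter types and the function names are assumptions of this example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Stand-in for the kernel's mode flag; the value is an assumption of this example. */
#define EX_LAPB_EXTENDED 0x01

/* The check as written in the removed lines: the 1..7 test runs in every mode. */
static bool window_rejected_old(unsigned int mode, unsigned int window)
{
    return ((mode & EX_LAPB_EXTENDED) &&
            (window < 1 || window > 127)) ||
           (window < 1 || window > 7);
}

/* The check the patch intends: the upper limit depends on the mode. */
static bool window_rejected_new(unsigned int mode, unsigned int window)
{
    if (mode & EX_LAPB_EXTENDED)
        return window < 1 || window > 127;
    return window < 1 || window > 7;
}

/* Count windows in 0..255 where the two checks disagree for one mode,
 * recording the first and last such window. */
static int count_disagreements(unsigned int mode,
                               unsigned int *first, unsigned int *last)
{
    int n = 0;

    for (unsigned int w = 0; w <= 255; w++) {
        if (window_rejected_old(mode, w) != window_rejected_new(mode, w)) {
            if (n == 0)
                *first = w;
            *last = w;
            n++;
        }
    }
    return n;
}

int main(void)
{
    unsigned int first = 0, last = 0;
    int n = count_disagreements(EX_LAPB_EXTENDED, &first, &last);

    printf("extended mode: %d windows differ (%u..%u)\n", n, first, last);
    printf("standard mode: %d windows differ\n",
           count_disagreements(0, &first, &last));
    return 0;
}
```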
* Re: [PATCH] Fix LAPB windowsize check
2006-08-04 11:41 [PATCH] Fix LAPB windowsize check Diego Calleja
@ 2006-08-06 3:56 ` David Miller
0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2006-08-06 3:56 UTC (permalink / raw)
To: diegocg; +Cc: netdev
From: Diego Calleja <diegocg@gmail.com>
Date: Fri, 4 Aug 2006 13:41:14 +0200
> In bug #6954, Norbert Reinartz reported the following issue:
...
> Signed-off-by: Diego Calleja <diegocg@gmail.com>
Looks good, patch applied, thanks a lot.
^ permalink raw reply [flat|nested] 2+ messages in thread