pcmcia cis: on an out of range CIS read return 0xff, don't just warn

The current code displays warnings but then proceeds to try and reference the data through the PCMCIA window. Instead return 0xff. This prevents bogus CIS data sending us off into hyperspace. Signed-off-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

pcmcia cis: on an out of range CIS read return 0xff, don't just warn
The current code displays warnings but then proceeds to try and reference the data through the PCMCIA window. Instead return 0xff. This prevents bogus CIS data sending us off into hyperspace. Signed-off-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
b38a4bd3 · Alan Cox · Greg Kroah-Hartman · a6c6193a · b38a4bd3
Commit b38a4bd3 authored Dec 10, 2014 by Alan Cox Committed by Greg Kroah-Hartman Jan 12, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

drivers/pcmcia/cistpl.c drivers/pcmcia/cistpl.c +4 -1

No files found.
--- a/drivers/pcmcia/cistpl.c
+++ b/drivers/pcmcia/cistpl.c
@@ -168,9 +168,12 @@ int pcmcia_read_cis_mem(struct pcmcia_socket *s, int attr, u_int addr,
 	} else {
 		u_int inc = 1, card_offset, flags;

-		if (addr > CISTPL_MAX_CIS_SIZE)
+		if (addr > CISTPL_MAX_CIS_SIZE) {
 			dev_dbg(&s->dev,
 				"attempt to read CIS mem at addr %#x", addr);
+			memset(ptr, 0xff, len);
+			return -1;
+		}

 		flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0);
 		if (attr) {