Commit f5ec25de authored by Chen Gong's avatar Chen Gong Committed by Tony Luck

pstore: fix potential logic issue in pstore read interface

1) in the calling of erst_read, the parameter of buffer size
maybe overflows and cause crash

2) the return value of erst_read should be checked more strictly
Signed-off-by: default avatarChen Gong <gong.chen@linux.intel.com>
Signed-off-by: default avatarTony Luck <tony.luck@intel.com>
parent 06cf91b4
......@@ -1006,7 +1006,14 @@ static ssize_t erst_reader(u64 *id, enum pstore_type_id *type,
}
len = erst_read(record_id, &rcd->hdr, sizeof(*rcd) +
erst_erange.size);
erst_info.bufsize);
/* The record may be cleared by others, try read next record */
if (len == -ENOENT)
goto skip;
else if (len < 0) {
rc = -1;
goto out;
}
if (uuid_le_cmp(rcd->hdr.creator_id, CPER_CREATOR_PSTORE) != 0)
goto skip;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment