pcmcia cis: on an out of range CIS read return 0xff, don't just warn

The current code displays warnings but then proceeds to try and reference the data through the PCMCIA window. Instead return 0xff. This prevents bogus CIS data sending us off into hyperspace. Signed-off-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Alan Cox <alan@linux.intel.com> 2014-12-10 15:06:10 (GMT)
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-01-12 13:04:12 (GMT)
commit: b38a4bd319e615b4eb4be9d8c0d5ddc13113c768 (patch)
tree: c00237e66efd36f57463c30c2b3b260512214be6 /drivers/pcmcia
parent: a6c6193a3662f6634ad7f797597081556a9db068 (diff)
download: linux-b38a4bd319e615b4eb4be9d8c0d5ddc13113c768.tar.xz
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c
index 884a984..4ff725c 100644
--- a/drivers/pcmcia/cistpl.c
+++ b/drivers/pcmcia/cistpl.c
@@ -168,9 +168,12 @@ int pcmcia_read_cis_mem(struct pcmcia_socket *s, int attr, u_int addr,
 	} else {
 		u_int inc = 1, card_offset, flags;
 
-		if (addr > CISTPL_MAX_CIS_SIZE)
+		if (addr > CISTPL_MAX_CIS_SIZE) {
 			dev_dbg(&s->dev,
 				"attempt to read CIS mem at addr %#x", addr);
+			memset(ptr, 0xff, len);
+			return -1;
+		}
 
 		flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0);
 		if (attr) {
author	Alan Cox <alan@linux.intel.com>	2014-12-10 15:06:10 (GMT)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2015-01-12 13:04:12 (GMT)
commit	b38a4bd319e615b4eb4be9d8c0d5ddc13113c768 (patch)
tree	c00237e66efd36f57463c30c2b3b260512214be6 /drivers/pcmcia
parent	a6c6193a3662f6634ad7f797597081556a9db068 (diff)
download	linux-b38a4bd319e615b4eb4be9d8c0d5ddc13113c768.tar.xz