> Igmar,
>
> Thanks for attempting to validate that the problem is fixed in a
> later release. However, I still stand by my submission.
The problem was that the kernel was overwriting a userspace buffer, used
to copy the data to. I can have a look at the code to see if it is really
fixed.
It seems really fixed, even dd likes the new sitation.. It always
segfaulted with the old kernel.
> If the readers will note, the problem is in 2.2.14 and
> AND in 2.3.5 as referenced by another auther. It looks like the
Both kernels are VERY OLD. 2.3.5 is ancient, 2.2.14 is also. Upgrading
should be done anyway due to security bugs present in < 2.2.16
> info structure in drivers/char/serial.c:line_info is not sufficiently
> initialized in all cases that might be processed by serial_in()
> for instance, the CONFIG_HUB6 case. If line_info populates an
> info struct and CONFIG_HUB6 is defined and info->hub6 is
> dereferenced, there may well be garbage in info->hub6.
>
> I've searched the source trees and I don't see any of the fixes
> between 2.2.14 and 2.2.17 referenced by the previous author at
> the end of my original post.
>
> That said, the incompletely initialized "info" structure problem
> exists. The fact that you and many others may not encountered the
> problem is pure happenstance either because CONFIG_HUB6 was not
> configured or you were lucky enough not to have garbage in any
> of the data structures.
>
> So, if I upgraded to 2.2.17 and the problem went away, that doesn't
> mean the problem doesn't exist, it just means that the problem may
> simply be being masked or has not yet been encountered.
I'll have a look at the code these days..
Igmar
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Sep 23 2000 - 21:00:15 EST