
vegard.nossum at gmail
Jul 7, 2008, 4:27 AM
Use of uninitialized memory in rate_control_pid_alloc()
Hi,

kmemcheck found this in next-20080704:

This patch:

commit 1946b74ce03c4edecabde80d027da00a7eab56ca
Author: Mattias Nissler <mattias.nissler[at]gmx.de>
Date: Thu Dec 20 13:27:26 2007 +0100

rc80211-pid: export tuning parameters through debugfs

contained this hunk (net/mac80211/rc80211_pid_algo.c):

@@ -363,10 +375,10 @@ static void *rate_control_pid_alloc(struct ieee80211_local for (i = 0; i < mode->num_rates; i++) { rinfo[i].index = i; rinfo[i].rev_index = i; - if (RC_PID_FAST_START) + if (pinfo->fast_start) rinfo[i].diff = 0; else - rinfo[i].diff = i * RC_PID_NORM_OFFSET; + rinfo[i].diff = i * pinfo->norm_offset; } for (i = 1; i < mode->num_rates; i++) { s = 0;

which is obviously wrong, since "pinfo" is allocated just above and has never been initialized. It seems that this is present (unfixed) in mainline as well.

Vegard

--
"The animistic metaphor of the bug that maliciously sneaked in while the programmer was not looking is intellectually dishonest as it disguises that the error is the programmer's own creation."
-- E. W. Dijkstra, EWD1036

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo[at]vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
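Review bot: the first loop in rate_control_pid_alloc() now reads pinfo->fast_start and pinfo->norm_offset, but nothing in the visible lines assigns either field before the loop, so the values of rinfo[i].diff depend on whatever the allocator returned. The removed lines used the compile-time constants RC_PID_FAST_START and RC_PID_NORM_OFFSET, so the straightforward fix is to store those constants into pinfo->fast_start and pinfo->norm_offset immediately after pinfo is allocated and before this loop runs, and to give every other tunable moved into pinfo by the same commit its default there too. Allocating pinfo zeroed would silence kmemcheck but would quietly change behaviour wherever a default is non-zero, so explicit assignment of the defaults is the safer change.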