diff options
| author |   Arnd Bergmann <arnd@arndb.de> | 2015-03-11 22:46:59 +0100 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2015-03-12 00:28:01 -0400 |
| commit | f862e07cf95d5b62a5fc5e981dd7d0dbaf33a501 (patch) | |
| tree | 7d93064db9c1d903692457c993353ae87cefd632 /drivers/net | |
| parent | sock: fix possible NULL sk dereference in __skb_tstamp_tx (diff) | |
| download | linux-dev-f862e07cf95d5b62a5fc5e981dd7d0dbaf33a501.tar.xz linux-dev-f862e07cf95d5b62a5fc5e981dd7d0dbaf33a501.zip | |
rds: avoid potential stack overflow
The rds_iw_update_cm_id function stores a large 'struct rds_sock' object
on the stack in order to pass a pair of addresses. This happens to just
fit withint the 1024 byte stack size warning limit on x86, but just
exceed that limit on ARM, which gives us this warning:
net/rds/iw_rdma.c:200:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=]
As the use of this large variable is basically bogus, we can rearrange
the code to not do that. Instead of passing an rds socket into
rds_iw_get_device, we now just pass the two addresses that we have
available in rds_iw_update_cm_id, and we change rds_iw_get_mr accordingly,
to create two address structures on the stack there.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net')
0 files changed, 0 insertions, 0 deletions