diff options
| author | Cyril Bur <cyril.bur@au1.ibm.com> | 2017-08-03 16:45:43 +1000 |
|---|---|---|
| committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2017-08-15 16:37:14 +1000 |
| commit | 00d05bc8a20abfdc2d692cccb250844f1477e95a (patch) | |
| tree | e7d79d95ecc313b3ed6867bb0b447857ce9ef8d9 /hw/prd.c | |
| parent | b11fd35325a875eef987de1d3affc60c0c222d23 (diff) | |
| download | skiboot-00d05bc8a20abfdc2d692cccb250844f1477e95a.zip skiboot-00d05bc8a20abfdc2d692cccb250844f1477e95a.tar.gz skiboot-00d05bc8a20abfdc2d692cccb250844f1477e95a.tar.bz2 | |
libflash/blocklevel: Fix theoretical use after free (CID 145924)
If we extend the ECC protection array and subsequently decide to merge
regions in one call then there would be a use after free bug. While this
exists in theory and was caught by Coverity, it should never happen
since we only merge regions if we're low on space but the cause of the
use after free is due to having just created more space.
Nevertheless, this is the kind of ticking timebomb that simply requires
some code rearrangement or different 'optimisations' to become possible.
Best to just make it impossible.
Fixes CID 145924
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'hw/prd.c')
0 files changed, 0 insertions, 0 deletions