firewire: fw-ohci: catch self_id_count == 0 fw_core_handle_bus_reset() incorrectly relied on the assumption that self_id_count > 0. We check early in fw-ohci and discard the self ID complete event if self_id_count == 0 because a valid event always has at least one self ID packet in it (the one of the local node). Hence treat self_id_count == 0 like any other kind of invalid self ID buffer. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Jarod Wilson <jwilson@redhat.com>

commit: 016bf3dfcf7c7fbad8f02e72b6e01d6773426f9d [log] [tgz]
author: Stefan Richter <stefanr@s5r6.in-berlin.de> Wed Mar 19 22:05:02 2008 +0100
committer: Stefan Richter <stefanr@s5r6.in-berlin.de> Fri Apr 18 17:55:34 2008 +0200
tree: 844a04d866b5b0d5eccdb795ad7e6c9fc79f3f2c
parent: c8a9a498e16b2a6c0e4e367b1a01f80fdfd7b6e2 [diff] [blame]
diff --git a/drivers/firewire/fw-ohci.c b/drivers/firewire/fw-ohci.c
index 1f6f15f..0c4a07f 100644
--- a/drivers/firewire/fw-ohci.c
+++ b/drivers/firewire/fw-ohci.c

@@ -1031,6 +1031,10 @@
 	 * bit extra to get the actual number of self IDs.
 	 */
 	self_id_count = (reg >> 3) & 0x3ff;
+	if (self_id_count == 0) {
+		fw_notify("inconsistent self IDs\n");
+		return;
+	}
 	generation = (cond_le32_to_cpu(ohci->self_id_cpu[0]) >> 16) & 0xff;
 	rmb();
commit	016bf3dfcf7c7fbad8f02e72b6e01d6773426f9d	[log] [tgz]
author	Stefan Richter <stefanr@s5r6.in-berlin.de>	Wed Mar 19 22:05:02 2008 +0100
committer	Stefan Richter <stefanr@s5r6.in-berlin.de>	Fri Apr 18 17:55:34 2008 +0200
tree	844a04d866b5b0d5eccdb795ad7e6c9fc79f3f2c
parent	c8a9a498e16b2a6c0e4e367b1a01f80fdfd7b6e2 [diff] [blame]