[PATCH] pktcdvd: Fix overflow for discs with large packets The pktcdvd driver was using an 8 bit field to store the packet length obtained from the disc track info. This causes it to overflow packet length values of 128KB or more. I changed the field to 32 bits to fix this. The pktcdvd driver defaulted to its maximum allowed packet length when it detected a 0 in the track info field. I changed this to fail the operation and refuse to access the media. This seems more sane than attempting to access it with a value that almost certainly will not work. Signed-off-by: Peter Osterlund <petero2@telia.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: a460ad62260def15c42130de253d6cfc32528a2f [log] [tgz]
author: Phillip Susi <psusi@cfl.rr.com> Sat Feb 04 23:27:44 2006 -0800
committer: Linus Torvalds <torvalds@g5.osdl.org> Sun Feb 05 11:06:52 2006 -0800
tree: 6fd5b90db456ae6a333a224b8c1c975474bb3c27
parent: bd576c9523fbf23e94fb7dbe05d2ae1cf96864e4 [diff]
diff --git a/drivers/block/pktcdvd.c b/drivers/block/pktcdvd.c
index 93affee..d95e7e1 100644
--- a/drivers/block/pktcdvd.c
+++ b/drivers/block/pktcdvd.c

@@ -1639,7 +1639,7 @@
 	pd->settings.size = be32_to_cpu(ti.fixed_packet_size) << 2;
 	if (pd->settings.size == 0) {
 		printk("pktcdvd: detected zero packet size!\n");
-		pd->settings.size = 128;
+		return -ENXIO;
 	}
 	if (pd->settings.size > PACKET_MAX_SECTORS) {
 		printk("pktcdvd: packet size is too big\n");
commit	a460ad62260def15c42130de253d6cfc32528a2f	[log] [tgz]
author	Phillip Susi <psusi@cfl.rr.com>	Sat Feb 04 23:27:44 2006 -0800
committer	Linus Torvalds <torvalds@g5.osdl.org>	Sun Feb 05 11:06:52 2006 -0800
tree	6fd5b90db456ae6a333a224b8c1c975474bb3c27
parent	bd576c9523fbf23e94fb7dbe05d2ae1cf96864e4 [diff]