linux

History

Wang Chen b88a2a22c6 netdevice zd1201: Use after free \| commit `3d29b0c33d` \| Author: John W. Linville <linville@tuxdriver.com> \| Date: Fri Oct 31 14:13:12 2008 -0400 \| \| netdevice zd1201: Convert directly reference of netdev->priv to netdev_priv() \| \| We have some reasons to kill netdev->priv: \| 1. netdev->priv is equal to netdev_priv(). \| 2. netdev_priv() wraps the calculation of netdev->priv's offset, obviously \| netdev_priv() is more flexible than netdev->priv. \| But we cann't kill netdev->priv, because so many drivers reference to it \| directly. \| \| OK, becasue Dave S. Miller said, "every direct netdev->priv usage is a bug", \| and I want to kill netdev->priv later, I decided to convert all the direct \| reference of netdev->priv first. \| \| (Original patch posted by Wang Chen <wangchen@cn.fujitsu.com> w/ above \| changelog but using dev->ml_priv. That doesn't seem appropriate \| to me for this driver, so I've revamped it to use netdev_priv() \| instead. -- JWL) This commit changed the allocation of netdev, but didn't change the free method of it. This causes "zd" be used after the memory, which is pointed by "zd", being freed by free_netdev(). Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2008-12-18 22:27:38 -08:00
..
accessibility	…
acpi	ACPI toshiba: only register rfkill if bt is enabled	2008-12-15 16:27:07 -08:00
amba	…
ata	ata: Fix experimental tags	2008-12-09 00:44:29 -05:00
atm	ATM: horizon, fix hrz_probe fail path	2008-11-29 20:42:28 -08:00
auxdisplay	…
base	…
block	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-12-15 20:03:50 -08:00
bluetooth	Bluetooth: Enable per-module dynamic debug messages	2008-11-30 12:17:28 +01:00
cdrom	Commands needing to be retried require a complete re-initialization.	2008-12-12 16:04:26 +01:00
char	console ASCII glyph 1:1 mapping	2008-12-13 11:25:49 -08:00
clocksource	…
connector	…
cpufreq	…
cpuidle	regression: disable timer peek-ahead for 2.6.28	2008-11-09 16:28:42 -08:00
crypto	fix talitos	2008-11-30 10:03:36 -08:00
dca	[4/4] dca: fixup initialization dependency	2008-11-10 15:01:03 -08:00
dio	…
dma	dmaengine: struct device - replace bus_id with dev_name(), dev_set_name()	2008-11-11 13:12:33 -07:00
edac	i82875p_edac: fix module remove	2008-12-01 19:55:25 -08:00
eisa	…
firewire	firewire: fw-ohci: fix IOMMU resource exhaustion	2008-12-10 12:45:34 +01:00
firmware	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-11-11 15:43:02 -08:00
gpio	gpiolib: extend gpio label column width in debugfs file	2008-11-19 18:49:57 -08:00
gpu	drm/i915: Disable the GM965 MSI errata workaround.	2008-12-09 15:37:24 +10:00
hid	HID: Apple ALU wireless keyboards are bluetooth devices	2008-11-28 15:09:26 +01:00
hwmon	hwmon: applesmc: make applesmc load automatically on startup	2008-12-01 19:55:24 -08:00
i2c	i2c-highlander: Trivial endian casting fixes	2008-12-11 12:11:21 +01:00
ide	[IA64] Clear up section mismatch for ioc4_ide_attach_one.	2008-12-09 10:08:48 -08:00
idle	…
ieee1394	ieee1394: node manager causes up to ~3.25s delay in freezing tasks	2008-12-09 19:34:33 +01:00
infiniband	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-12-02 19:50:27 -08:00
input	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input	2008-11-30 11:05:21 -08:00
isdn	isdn: eicon: fix sparse warning: make global functions static	2008-12-16 01:17:33 -08:00
leds	remove unused #include <version.h>'s	2008-11-01 09:50:12 -07:00
lguest	…
macintosh	rackmeter section fixes	2008-11-30 10:03:37 -08:00
mca	…
md	block: fix setting of max_segment_size and seg_boundary mask	2008-12-03 12:55:55 +01:00
media	dvb: Kill directly reference of netdev->priv	2008-12-03 21:13:13 -08:00
memstick	…
message	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-12-15 20:03:50 -08:00
mfd	mfd: Correct WM8350 I2C return code usage	2008-11-16 19:58:47 +01:00
misc	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-12-15 20:03:50 -08:00
mmc	mmc: struct device - replace bus_id with dev_name(), dev_set_name()	2008-11-08 21:37:46 +01:00
mtd	Merge git://git.infradead.org/mtd-2.6	2008-12-09 08:28:36 -08:00
net	netdevice zd1201: Use after free	2008-12-18 22:27:38 -08:00
nubus	…
of	OF-device: Don't overwrite numa_node in device registration	2008-10-31 16:12:01 +11:00
oprofile	…
parisc	netdev: introduce dev_get_stats()	2008-11-19 21:40:23 -08:00
parport	parport_serial: fix array overflow	2008-12-01 19:55:24 -08:00
pci	PCIe: ASPM: Break out of endless loop waiting for PCI config bits to switch	2008-12-09 14:59:24 -08:00
pcmcia	pcmcia: blackfin: fix bug - add missing ; to MODULE macro	2008-12-15 16:27:06 -08:00
pnp	drivers: remove duplicated #include	2008-11-04 08:18:19 -08:00
power	…
ps3	powerpc/ps3: Fix compile error in ps3-lpm.c	2008-11-05 19:59:08 +11:00
rapidio	rapidio section noise	2008-11-30 10:03:37 -08:00
regulator	regulator: Use menuconfig in Kconfig	2008-11-09 14:49:23 +00:00
rtc	rtc twl4030: rename ioctl function when RTC_INTF_DEV=n	2008-12-10 08:01:53 -08:00
s390	s390_net: Kill directly reference of netdev->priv	2008-12-06 23:57:49 -08:00
sbus	Revert "of_platform_driver noise on sparce"	2008-12-01 07:55:14 -08:00
scsi	Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6	2008-12-15 20:03:50 -08:00
serial	Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6	2008-12-10 10:04:25 -08:00
sh	…
sn	…
spi	spi: fix spi_s3c24xx_gpio num_chipselect	2008-12-01 19:55:24 -08:00
ssb	ssb: struct device - replace bus_id with dev_name(), dev_set_name()	2008-11-21 11:06:03 -05:00
staging	staging-winbond: Kill directly reference of netdev->priv	2008-12-08 01:13:25 -08:00
tc	…
telephony	telephony: trivial: fix up email address	2008-11-11 09:30:23 -08:00
thermal	…
uio	saner FASYNC handling on file close	2008-11-01 09:49:46 -07:00
usb	Phonet: USB CDC Phonet function for gadget framework	2008-12-17 15:49:09 -08:00
uwb	…
video	Revert "radeonfb: accelerate imageblit and other improvements"	2008-12-10 16:53:32 -08:00
virtio	…
w1	W1_MASTER_DS1WM should depend on HAVE_CLK	2008-11-30 10:03:36 -08:00
watchdog	iTCO_wdt: fix typo when setting TCO_EN bit	2008-12-03 16:20:19 -08:00
xen	xen: fix scrub_page()	2008-11-17 19:11:26 +01:00
zorro	…
Kconfig	…
Makefile	…