diff options
| author | H. Peter Anvin <hpa@zytor.com> | 2012-07-19 07:29:55 -0700 |
|---|---|---|
| committer | H. Peter Anvin <hpa@zytor.com> | 2012-07-19 07:29:55 -0700 |
| commit | 0a0e0e41cad93cd16c323cf16f40264a21eedd6c (patch) | |
| tree | f8d2940bdc4d8fcf9a988448b2f6abd1b89d92f3 | |
| parent | 59b77fcf04f4ddfe012c0f613eff1f873e6bd274 (diff) | |
| download | syslinux-0a0e0e41cad93cd16c323cf16f40264a21eedd6c.tar.gz syslinux-0a0e0e41cad93cd16c323cf16f40264a21eedd6c.tar.xz syslinux-0a0e0e41cad93cd16c323cf16f40264a21eedd6c.zip | |
Correct initialization of the cache doubly-linked listsyslinux-4.06-pre11
The initialization of the cache doubly-linked list had
head->next->prev instead of head->prev->next; this entry is supposed
to initialize the ->next entry of the last entry in the list (which
points back to the head node.)
For clarity, consistently use "head" to refer to the head node; the
mixing of "head" and "dev->cache_head" needlessly obfuscated the code.
The wild pointer reference caused crashes on some systems.
Reported-by: Jan Safrata <jsafrata@centrum.cz>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
| -rw-r--r-- | core/fs/cache.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/core/fs/cache.c b/core/fs/cache.c index 0d7891be..3b21fc26 100644 --- a/core/fs/cache.c +++ b/core/fs/cache.c @@ -37,10 +37,10 @@ void cache_init(struct device *dev, int block_size_shift) dev->cache_head = head = (struct cache *) (data + (dev->cache_entries << block_size_shift)); - cache = dev->cache_head + 1; /* First cache descriptor */ + cache = head + 1; /* First cache descriptor */ head->prev = &cache[dev->cache_entries-1]; - head->next->prev = dev->cache_head; + head->prev->next = head; head->block = -1; head->data = NULL; |