From edced191e4512b7795380563634f4d44b21c684a Mon Sep 17 00:00:00 2001 From: Jiri Slaby Date: Sat, 8 Aug 2009 11:36:06 +0200 Subject: [PATCH] [SCSI] nsp_cs: fix buf overflow In nsp_cs_config there is a wrong struct nsp_cs_configdata allocation. It allocates only sizeof(pointer to nsp_cs_configdata) for a whole structure. Add a dereference to the sizeof to allocate sizeof(nsp_cs_configdata). Signed-off-by: Jiri Slaby Signed-off-by: James Bottomley --- drivers/scsi/pcmcia/nsp_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/pcmcia/nsp_cs.c b/drivers/scsi/pcmcia/nsp_cs.c index 70b60ade049e..e32c344d7ad8 100644 --- a/drivers/scsi/pcmcia/nsp_cs.c +++ b/drivers/scsi/pcmcia/nsp_cs.c @@ -1713,7 +1713,7 @@ static int nsp_cs_config(struct pcmcia_device *link) nsp_dbg(NSP_DEBUG_INIT, "in"); - cfg_mem = kzalloc(sizeof(cfg_mem), GFP_KERNEL); + cfg_mem = kzalloc(sizeof(*cfg_mem), GFP_KERNEL); if (!cfg_mem) return -ENOMEM; cfg_mem->data = data;