# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#	           ChangeSet	1.1522  -> 1.1523 
#	drivers/serial/8250.c	1.36    -> 1.37   
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 03/10/16	bjorn.helgaas@hp.com	1.1523
# [PATCH] early_serial_setup array bounds check
# 
# early_serial_setup() doesn't validate the array index,
# so a caller could corrupt memory after serial8250_ports[]
# by supplying a value of port->line that's too large.
# 
# I haven't seen a failure related to this, but it seems fragile
# to rely on callers to know how many ports the driver supports.
# --------------------------------------------
#
diff -Nru a/drivers/serial/8250.c b/drivers/serial/8250.c
--- a/drivers/serial/8250.c	Fri Oct 17 00:38:31 2003
+++ b/drivers/serial/8250.c	Fri Oct 17 00:38:31 2003
@@ -2086,6 +2086,9 @@
 
 int __init early_serial_setup(struct uart_port *port)
 {
+	if (port->line >= ARRAY_SIZE(serial8250_ports))
+		return -ENODEV;
+
 	serial8250_isa_init_ports();
 	serial8250_ports[port->line].port	= *port;
 	serial8250_ports[port->line].port.ops	= &serial8250_pops;