powerpc: Fix corruption error in rh_alloc_fixed()

There is an error in rh_alloc_fixed() of the Remote Heap code:
If there is at least one free block blk won't be NULL at the end of the
search loop, so -ENOMEM won't be returned and the else branch of
"if (bs == s || be == e)" will be taken, corrupting the management
structures.

Signed-off-by: Guillaume Knispel <[email protected]>
Acked-by: Timur Tabi <[email protected]>
Signed-off-by: Kumar Gala <[email protected]>

diff --git a/arch/powerpc/lib/rheap.c b/arch/powerpc/lib/rheap.c
index 29b2941cada0b67ac5be0248c2a1321179bf19a6..45907c1dae66da343344b5e1cfe9c682afc409ff 100644 (file)
--- a/arch/powerpc/lib/rheap.c
+++ b/arch/powerpc/lib/rheap.c
@@ -556,6 +556,7 @@ unsigned long rh_alloc_fixed(rh_info_t * info, unsigned long start, int size, co
                be = blk->start + blk->size;
                if (s >= bs && e <= be)
                        break;
+               blk = NULL;
        }
 
        if (blk == NULL)