summaryrefslogtreecommitdiffstats
path: root/fs/fuse
diff options
context:
space:
mode:
authorTimo Warns <Warns@pre-sense.de>2011-03-14 14:59:33 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2011-03-14 10:14:28 -0700
commit1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05 (patch)
treeeae0a7cdf358b1b0396e9c3ec935d0e6be72bdb2 /fs/fuse
parent2fbfac4e053861925fa3fffcdc327649b09af54c (diff)
Fix corrupted OSF partition table parsing
The kernel automatically evaluates partition tables of storage devices. The code for evaluating OSF partitions contains a bug that leaks data from kernel heap memory to userspace for certain corrupted OSF partitions. In more detail: for (i = 0 ; i < le16_to_cpu(label->d_npartitions); i++, partition++) { iterates from 0 to d_npartitions - 1, where d_npartitions is read from the partition table without validation and partition is a pointer to an array of at most 8 d_partitions. Add the proper and obvious validation. Signed-off-by: Timo Warns <warns@pre-sense.de> Cc: stable@kernel.org [ Changed the patch trivially to not repeat the whole le16_to_cpu() thing, and to use an explicit constant for the magic value '8' ] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/fuse')
0 files changed, 0 insertions, 0 deletions