diff options
author | Greg Kroah-Hartman <gregkh@suse.de> | 2011-11-16 08:46:02 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-11-16 08:46:02 -0800 |
commit | ca7b8761eb68e682483d610cfbc1083a2dd1234a (patch) | |
tree | fab2ec606c11ee6df6606faf0e023031d16090c3 | |
parent | 02f2994735c1e7ad8409286a99fe7f3c0f017b1e (diff) | |
download | longterm-queue-2.6.32-ca7b8761eb68e682483d610cfbc1083a2dd1234a.tar.gz |
32 patches
added patches:
hfs-add-sanity-check-for-file-name-length.patch
-rw-r--r-- | queue-2.6.32/hfs-add-sanity-check-for-file-name-length.patch | 32 | ||||
-rw-r--r-- | queue-2.6.32/series | 1 |
2 files changed, 33 insertions, 0 deletions
diff --git a/queue-2.6.32/hfs-add-sanity-check-for-file-name-length.patch b/queue-2.6.32/hfs-add-sanity-check-for-file-name-length.patch new file mode 100644 index 0000000..ac81a10 --- /dev/null +++ b/queue-2.6.32/hfs-add-sanity-check-for-file-name-length.patch @@ -0,0 +1,32 @@ +From bc5b8a9003132ae44559edd63a1623b7b99dfb68 Mon Sep 17 00:00:00 2001 +From: Dan Carpenter <dan.carpenter@oracle.com> +Date: Mon, 14 Nov 2011 17:52:08 +0300 +Subject: hfs: add sanity check for file name length + +From: Dan Carpenter <dan.carpenter@oracle.com> + +commit bc5b8a9003132ae44559edd63a1623b7b99dfb68 upstream. + +On a corrupted file system the ->len field could be wrong leading to +a buffer overflow. + +Reported-and-acked-by: Clement LECIGNE <clement.lecigne@netasq.com> +Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> +Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + fs/hfs/trans.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/fs/hfs/trans.c ++++ b/fs/hfs/trans.c +@@ -40,6 +40,8 @@ int hfs_mac2asc(struct super_block *sb, + + src = in->name; + srclen = in->len; ++ if (srclen > HFS_NAMELEN) ++ srclen = HFS_NAMELEN; + dst = out; + dstlen = HFS_MAX_NAMELEN; + if (nls_io) { diff --git a/queue-2.6.32/series b/queue-2.6.32/series index 79dc596..4e7b379 100644 --- a/queue-2.6.32/series +++ b/queue-2.6.32/series @@ -4,3 +4,4 @@ nfs-sunrpc-don-t-use-a-credential-with-extra-groups.patch netlink-validate-nla_msecs-length.patch mtd-mtdchar-add-missing-initializer-on-raw-write.patch pm-suspend-off-by-one-in-pm_suspend.patch +hfs-add-sanity-check-for-file-name-length.patch |