Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Wed, 16 May 2018 18:41:50 +0300
Cc: David Airlie <airlied@xxxxxxxx>, kernel-janitors@xxxxxxxxxxxxxxx, dri-devel@xxxxxxxxxxxxxxxxxxxxx
In-reply-to: <20180516151554.grlkemklosrksxpm@mwanda>
References: <20180516140026.GA19340@mwanda> <152648076734.11239.17221064386545833125@mail.alporthouse.com> <20180516145257.kct63hzesuey6jbc@mwanda> <152648261507.11239.9847993632251714966@mail.alporthouse.com> <20180516151554.grlkemklosrksxpm@mwanda>
User-agent: NeoMutt/20170609 (1.8.3)

Btw, I've looked at this some more and I'm 99% sure there is no way to
exploit it.  The "if (PAGE_ALIGN(size) == 0)" prevents the integer
overflow in __vgem_gem_create() that I was worried about.

regards,
dan carpenter


_______________________________________________
dri-devel mailing list
dri-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/dri-devel

References:
- [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
  - From: Dan Carpenter
- Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
  - From: Chris Wilson
- Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
  - From: Dan Carpenter
- Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
  - From: Chris Wilson
- Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
  - From: Dan Carpenter

Prev by Date: Re: [PATCH 1/3] drm/vkms: Add basic CRTC initialization
Next by Date: Re: [PATCH 1/3] drm/vkms: Add basic CRTC initialization
Previous by thread: Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
Next by thread: Re: [PATCH v2] drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
Index(es):
- Date
- Thread

[Index of Archives] [Linux DRI Users] [Linux Intel Graphics] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI] [XFree86] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Linux Kernel] [Linux SCSI] [XFree86]