Re: [PATCH 1/1] ide: memory overrun in ide_get_identity_ioctl() on big endian machines using ioctl HDIO_OBSOLETE_IDENTITY

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Bartlomiej Zolnierkiewicz <bzolnier@xxxxxxxxx>
Date: Mon, 22 Jun 2009 11:49:14 +0200

> On Sunday 21 June 2009 00:04:23 Christian Engelmayer wrote:
>> From: Christian Engelmayer <christian.engelmayer@xxxxxxxxxxxxxx>
>> 
>> This patch fixes a memory overrun in function ide_get_identity_ioctl() which
>> chooses the size of a memory buffer depending on the ioctl command that led
>> to the function call, however, passes that buffer to a function which needs the
>> buffer size to be always chosen unconditionally.
>> 
>> Due to conditional compilation the memory overrun can only happen on big endian
>> machines. The error can be triggered using ioctl HDIO_OBSOLETE_IDENTITY. Usage
>> of ioctl HDIO_GET_IDENTITY is safe.
>> 
>> Signed-off-by: Christian Engelmayer <christian.engelmayer@xxxxxxxxxxxxxx>
> 
> Acked-by: Bartlomiej Zolnierkiewicz <bzolnier@xxxxxxxxx>

Applied, thanks everyone.
--
To unsubscribe from this list: send the line "unsubscribe linux-ide" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Filesystems]     [Linux SCSI]     [Linux RAID]     [Git]     [Kernel Newbies]     [Linux Newbie]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Samba]     [Device Mapper]

  Powered by Linux