Re: [PATCH v3.10-stable] splice: Apply generic position and size checks to each write

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2015/3/20 17:05, Greg KH wrote:
> On Fri, Mar 20, 2015 at 04:59:42PM +0800, Zhang Zhen wrote:
>> We need to check the position and size of file writes against various
>> limits, using generic_write_check(). This was not being done for
>> the splice write path. It was fixed upstream by commit 8d0207652cbe
>> ("->splice_write() via ->write_iter()") but we can't apply that.
>>
>> CVE-2014-7822
>>
>> Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
>> [Ben fixed it in 3.2 stable, i ported it to 3.10 stable]
>> Signed-off-by: Zhang Zhen <zhenzhang.zhang@xxxxxxxxxx>
>> ---
>>  fs/ocfs2/file.c | 8 +++++---
>>  fs/splice.c     | 8 ++++++--
>>  2 files changed, 11 insertions(+), 5 deletions(-)
> 
> What is the git commit id of this in Linus's tree?

In Linus's tree the commit is 8d0207652cbe, but this commit can't be
applied to 3.10-stable.

So i ported Ben's fix from 3.2-stable. It's commit id is
894c6350eaad7e613ae267504014a456e00a3e2a in 3.2-stable tree.

Best regards!
> --
> To unsubscribe from this list: send the line "unsubscribe stable" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> 


--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]