xfs
[Top] [All Lists]

Re: [patch] xfs: underflow bug in xfs_attrlist_by_handle()

To: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Subject: Re: [patch] xfs: underflow bug in xfs_attrlist_by_handle()
From: Ben Myers <bpm@xxxxxxx>
Date: Wed, 4 Dec 2013 15:53:59 -0600
Cc: Fabian Yamaguchi <fabs@xxxxxxxxx>, security@xxxxxxxxxx, Alex Elder <elder@xxxxxxxxxx>, Nico Golde <nico@xxxxxxxxx>, xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20131031180010.GA24839@xxxxxxxxxxxxxxxxx>
References: <20131025144452.GA28451@xxxxxxxxx> <20131031180010.GA24839@xxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.20 (2009-06-14)
On Thu, Oct 31, 2013 at 09:00:10PM +0300, Dan Carpenter wrote:
> If we allocate less than sizeof(struct attrlist) then we end up
> corrupting memory or doing a ZERO_PTR_SIZE dereference.
> 
> This can only be triggered with CAP_SYS_ADMIN.
> 
> Reported-by: Nico Golde <nico@xxxxxxxxx>
> Reported-by: Fabian Yamaguchi <fabs@xxxxxxxxx>
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Applied.  Thanks Dan.

<Prev in Thread] Current Thread [Next in Thread>
  • Re: [patch] xfs: underflow bug in xfs_attrlist_by_handle(), Ben Myers <=