Inicio Explorar Axuda
Rexistro Iniciar sesión
phyus
/
linux-vybrid_public
8
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

[SCSI] gdth: Prevent negative offsets in ioctl CVE-2009-3080

A negative offset could be used to index before the event buffer and
lead to a security breach.

Signed-off-by: Dave Jones <davej@redhat.com>
Cc: Stable Tree <stable@kernel.org>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Dave Jones %!s(int64=15) %!d(string=hai) anos
pai
198439e4af
achega
690e744869
Modificáronse 1 ficheiros con 1 adicións e 1 borrados
Unificar vista Mostrar estatísticas de Diff
  1. 1 1
      drivers/scsi/gdth.c

+ 1 - 1
drivers/scsi/gdth.c
Ver ficheiro 

@@ -2900,7 +2900,7 @@ static int gdth_read_event(gdth_ha_str *ha, int handle, gdth_evt_str *estr)
 
         eindex = handle;
 
         eindex = handle;
 
     estr->event_source = 0;
 
     estr->event_source = 0;
 
 
 
-    if (eindex >= MAX_EVENTS) {
 
+    if (eindex < 0 || eindex >= MAX_EVENTS) {
 
         spin_unlock_irqrestore(&ha->smp_lock, flags);
 
         spin_unlock_irqrestore(&ha->smp_lock, flags);
 
         return eindex;
 
         return eindex;
 
     }
 
     }