shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 20:32:04 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
01b242ac8ee97cfe93498d00a511fae38d38532b
linux/fs
History
Timo Warns 8bdae89273 Fix for buffer overflow in ldm_frag_add not sufficient 
commit cae13fe4cc upstream.

As Ben Hutchings discovered [1], the patch for CVE-2011-1017 (buffer
overflow in ldm_frag_add) is not sufficient.  The original patch in
commit c340b1d640 ("fs/partitions/ldm.c: fix oops caused by corrupted
partition table") does not consider that, for subsequent fragments,
previously allocated memory is used.

[1] http://lkml.org/lkml/2011/5/6/407

Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Timo Warns <warns@pre-sense.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-06-23 15:24:02 -07:00
..
9p
9p: Skip check for mandatory locks when unlocking
2010-04-26 07:41:29 -07:00
adfs
adfs: remove redundant test on unsigned
2009-09-24 07:21:05 -07:00
affs
fix affs parse_options()
2010-02-09 04:50:48 -08:00
afs
FS-Cache: Handle pages pending storage that get evicted under OOM conditions
2009-11-19 18:11:35 +00:00
autofs
trivial: remove unnecessary semicolons
2009-09-21 15:14:58 +02:00
autofs4
autofs4 - fix missed case when changing to use struct path
2009-08-31 17:44:05 -10:00
befs
befs: fix leak
2010-02-23 07:37:55 -08:00
bfs
Fix failure exits in bfs_fill_super()
2010-02-09 04:50:46 -08:00
btrfs
btrfs: Require CAP_SYS_ADMIN for filesystem rebalance
2011-05-09 15:55:35 -07:00
cachefiles
CacheFiles: Fix error handling in cachefiles_determine_cache_security()
2010-05-26 14:29:20 -07:00
cifs
cifs: add fallback in is_path_accessible for old servers
2011-05-23 11:20:18 -07:00
coda
headers: remove sched.h from poll.h
2009-10-04 15:05:10 -07:00
configfs
writeback: add name to backing_dev_info
2009-09-11 09:20:26 +02:00
cramfs
fs/cramfs: return f_fsid for statfs(2)
2009-04-02 19:05:08 -07:00
debugfs
debugfs: fix create mutex racy fops and private data
2009-12-18 14:04:16 -08:00
devpts
devpts_get_tty() should validate inode
2009-12-18 14:04:15 -08:00
dlm
dlm: send reply before bast
2010-08-13 13:20:21 -07:00
ecryptfs
eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
2011-04-14 16:53:21 -07:00
efs
get rid of BKL in fs/efs
2009-06-17 00:36:36 -04:00
exofs
exofs: confusion between kmap() and kmap_atomic() api
2010-07-05 11:10:47 -07:00
exportfs
ext2
ext2: Fix link count corruption under heavy link+rename load
2011-03-07 15:17:54 -08:00
ext3
ext3: Fix fs corruption when make_indexed_dir() fails
2011-06-23 15:24:01 -07:00
ext4
ext4: release page cache in ext4_mb_load_buddy error path
2011-06-23 15:24:01 -07:00
fat
fat: fix buffer overflow in vfat_create_shortname()
2010-04-26 07:41:13 -07:00
freevxfs
headers: smp_lock.h redux
2009-07-12 12:22:34 -07:00
fscache
FS-Cache: Provide nop fscache_stat_d() if CONFIG_FSCACHE_STATS=n
2009-11-20 21:50:44 +00:00
fuse
fuse: fix hang of single threaded fuseblk filesystem
2011-03-07 15:17:53 -08:00
gfs2
GFS2: BUG in gfs2_adjust_quota
2011-05-09 15:55:12 -07:00
hfs
hfs: fix a potential buffer overflow
2009-12-18 14:04:08 -08:00
hfsplus
hfsplus: refuse to mount volumes larger than 2TB
2009-10-29 07:39:27 -07:00
hostfs
hostfs: set maximum filesize in superblock for proper LFS support
2009-06-30 18:56:03 -07:00
hpfs
headers: smp_lock.h redux
2009-07-12 12:22:34 -07:00
hppfs
hppfs: hppfs_read_file() may return -ERROR
2009-04-02 19:04:53 -07:00
hugetlbfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
2009-09-24 08:32:11 -07:00
isofs
fs: Make unload_nls() NULL pointer safe
2009-09-24 07:47:42 -04:00
jbd
jbd: fix fsync() tid wraparound bug
2011-06-23 15:24:01 -07:00
jbd2
ext4, jbd2: Add barriers for file systems with exernal journals
2010-08-02 10:21:10 -07:00
jffs2
jffs2: Fix long-standing bug with symlink garbage collection.
2009-12-18 14:05:52 -08:00
jfs
jfs: don't allow os2 xattr namespace overlap with others
2010-08-13 13:19:48 -07:00
lockd
headers: utsname.h redux
2009-09-23 18:13:10 -07:00
minix
V3 minixfs: add missing directory type checking
2009-09-23 07:39:57 -07:00
ncpfs
const: mark struct vm_struct_operations
2009-09-27 11:39:25 -07:00
nfs
nfs: fix compilation warning
2011-05-09 15:55:13 -07:00
nfs_common
nfsd
Open with O_CREAT flag set fails to open existing files on non writable directories
2011-05-09 15:55:00 -07:00
nilfs2
nilfs2: fix data loss in mmap page write for hole blocks
2011-04-14 16:53:26 -07:00
nls
Merge git://git.kernel.org/pub/scm/linux/kernel/git/hirofumi/fatfs-2.6
2009-09-30 09:31:14 -07:00
notify
inotify: fix inotify oneshot support
2010-09-26 17:21:38 -07:00
ntfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
2009-09-24 08:32:11 -07:00
ocfs2
Treat writes as new when holes span across page boundaries
2011-04-14 16:53:34 -07:00
omfs
const: constify remaining file_operations
2009-10-01 16:11:11 -07:00
openpromfs
partitions
Fix for buffer overflow in ldm_frag_add not sufficient
2011-06-23 15:24:02 -07:00
proc
proc: do proper range check on readdir offset
2011-04-22 08:44:26 -07:00
qnx4
qnx4: remove write support
2009-09-23 07:39:30 -07:00
quota
quota: Don't write quota info in dquot_commit()
2011-04-14 16:53:30 -07:00
ramfs
ramfs: fix memleak on no-mmu arch
2011-04-22 08:44:15 -07:00
reiserfs
reiserfs: fix oops while creating privroot with selinux enabled
2010-08-13 13:20:20 -07:00
romfs
fix leak in romfs_fill_super()
2010-02-09 04:50:47 -08:00
smbfs
fs: Make unload_nls() NULL pointer safe
2009-09-24 07:47:42 -04:00
squashfs
Squashfs: handle corruption of directory structure
2011-04-14 16:53:44 -07:00
sysfs
sysfs: checking for NULL instead of ERR_PTR
2010-09-20 13:17:50 -07:00
sysv
get rid of BKL in fs/sysv
2009-06-17 00:36:37 -04:00
ubifs
UBIFS: fix master node recovery
2011-05-09 15:54:50 -07:00
udf
udf: Try harder when looking for VAT inode
2010-01-06 15:05:00 -08:00
ufs
ufs: sector_t cannot be negative
2009-06-18 13:03:46 -07:00
xfs
xfs: zero proper structure size for geometry calls
2011-04-14 16:53:56 -07:00
aio.c
aio: wake all waiters when destroying ctx
2011-03-27 11:30:26 -07:00
anon_inodes.c
headers: remove sched.h from poll.h
2009-10-04 15:05:10 -07:00
attr.c
truncate: new helpers
2009-09-24 08:41:47 -04:00
bad_inode.c
binfmt_aout.c
Split 'flush_old_exec' into two functions
2010-02-09 04:50:49 -08:00
binfmt_elf_fdpic.c
Split 'flush_old_exec' into two functions
2010-02-09 04:50:49 -08:00
binfmt_elf.c
Split 'flush_old_exec' into two functions
2010-02-09 04:50:49 -08:00
binfmt_em86.c
binfmt_flat.c
Split 'flush_old_exec' into two functions
2010-02-09 04:50:49 -08:00
binfmt_misc.c
binfmt_misc: fix binfmt_misc priority
2010-09-20 13:17:54 -07:00
binfmt_script.c
binfmt_som.c
Split 'flush_old_exec' into two functions
2010-02-09 04:50:49 -08:00
bio-integrity.c
block: fix bugs in bio-integrity mempool usage
2010-02-09 04:50:58 -08:00
bio.c
bio: take care not overflow page count when mapping/copying user data
2010-12-09 13:26:52 -08:00
block_dev.c
block: rescan partitions on invalidated devices on -ENOMEDIA too
2011-06-23 15:24:01 -07:00
buffer.c
Merge branch 'writeback' of git://git.kernel.dk/linux-2.6-block
2009-09-25 09:27:30 -07:00
char_dev.c
char: Mark /dev/zero and /dev/kmem as not capable of writeback
2010-09-26 17:21:26 -07:00
compat_binfmt_elf.c
compat_ioctl.c
fs: add missing compat_ptr handling for FS_IOC_RESVSP ioctl
2009-11-12 07:25:57 -08:00
compat.c
exec: copy-and-paste the fixes into compat_do_execve() paths
2011-04-14 16:53:55 -07:00
dcache.c
fs: call security_d_instantiate in d_obtain_alias V2
2011-03-27 11:30:50 -07:00
dcookies.c
direct-io.c
block: Do away with the notion of hardsect_size
2009-05-22 23:22:54 +02:00
drop_caches.c
sysctl: remove "struct file *" argument of ->proc_handler
2009-09-24 07:21:04 -07:00
eventfd.c
anonfd: split interface into file creation and install
2009-09-23 07:39:29 -07:00
eventpoll.c
epoll: prevent creating circular epoll structures
2011-03-02 09:47:04 -05:00
exec.c
exec: copy-and-paste the fixes into compat_do_execve() paths
2011-04-14 16:53:55 -07:00
fcntl.c
Fix race in tty_fasync() properly
2010-02-23 07:37:44 -08:00
fifo.c
file_table.c
CRED: Fix kernel panic upon security_file_alloc() failure.
2011-03-02 09:46:38 -05:00
file.c
headers: remove sched.h from interrupt.h
2009-10-11 11:20:58 -07:00
filesystems.c
fs: Mark get_filesystem_list() as __init function.
2009-04-20 23:02:52 -04:00
fs_struct.c
Get rid of indirect include of fs_struct.h
2009-03-31 23:00:27 -04:00
fs-writeback.c
writeback: disable periodic old data writeback for !dirty_writeback_centisecs
2010-07-05 11:10:45 -07:00
generic_acl.c
New helper - current_umask()
2009-03-31 23:00:26 -04:00
inode.c
vfs: optimize touch_time() too
2009-09-24 07:47:27 -04:00
internal.h
fs: fix overflow in sys_mount() for in-kernel calls
2009-09-24 08:40:15 -04:00
ioctl.c
__generic_block_fiemap(): fix for files bigger than 4GB
2009-11-12 07:26:01 -08:00
ioprio.c
Kconfig
powerpc: Cleanup Kconfig selection of hugetlbfs support
2009-10-30 15:03:54 +11:00
Kconfig.binfmt
libfs.c
wrong type for 'magic' argument in simple_fill_super()
2010-07-05 11:11:12 -07:00
locks.c
const: make lock_manager_operations const
2009-09-22 07:17:25 -07:00
Makefile
nilfs2: update makefile and Kconfig
2009-04-07 08:31:16 -07:00
mbcache.c
mpage.c
ext4: Properly initialize the buffer_head state
2009-05-13 15:13:42 -04:00
namei.c
fix LOOKUP_FOLLOW on automount "symlinks"
2010-03-15 08:49:32 -07:00
namespace.c
vfs: add NOFOLLOW flag to umount(2)
2010-07-05 11:11:15 -07:00
nfsctl.c
no-block.c
open.c
fs: change sys_truncate length parameter type
2009-09-23 09:21:05 -07:00
pipe.c
pipe: fix failure to return error code on ->confirm()
2010-11-22 10:47:34 -08:00
pnode.c
pnode.h
posix_acl.c
read_write.c
sendfile(): check f_op.splice_write() rather than f_op.sendpage()
2011-03-02 09:46:40 -05:00
read_write.h
readdir.c
select.c
headers: remove sched.h from poll.h
2009-10-04 15:05:10 -07:00
seq_file.c
vfs: seq_file: add helpers for data filling
2009-09-24 07:47:35 -04:00
signalfd.c
signalfd: fill in ssi_int for posix timers and message queues
2010-08-13 13:19:39 -07:00
splice.c
sendfile(): check f_op.splice_write() rather than f_op.sendpage()
2011-03-02 09:46:40 -05:00
stack.c
stat.c
Add unlocked version of inode_add_bytes() function
2010-01-06 15:05:01 -08:00
super.c
vfs: get_sb_single() - do not pass options twice
2010-01-28 15:00:47 -08:00
sync.c
fs/buffer.c: clean up EXPORT* macros
2009-09-23 07:39:29 -07:00
timerfd.c
utimes.c
xattr_acl.c
xattr.c
VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx.
2009-09-10 10:11:22 +10:00