| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <43A1A64D-C929-41A2-BB51-AA38DDC1E238@dilger.ca>
Date: Tue, 18 Jul 2017 16:32:24 -0600
From: Andreas Dilger <adilger@...ger.ca>
To: Adam Buchbinder <abuchbinder@...gle.com>
Cc: Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH v2 1/2] e2p: Fix segfault in e2p_os2string.
> On Jul 18, 2017, at 3:48 PM, Adam Buchbinder <abuchbinder@...gle.com> wrote:
>
> Passing in a negative integer would lead to a segfault, and
> a crafted filesystem image could trigger that.
>
> Signed-off-by: Adam Buchbinder <abuchbinder@...gle.com>
Reviewed-by: Andreas Dilger <adilger@...ger.ca>
> ---
> lib/e2p/ostype.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/e2p/ostype.c b/lib/e2p/ostype.c
> index 7f088446..c5fd8ab3 100644
> --- a/lib/e2p/ostype.c
> +++ b/lib/e2p/ostype.c
> @@ -30,7 +30,7 @@ char *e2p_os2string(int os_type)
> const char *os;
> char *ret;
>
> - if (os_type <= EXT2_OS_LITES)
> + if (os_type >= 0 && os_type <= EXT2_OS_LITES)
> os = os_tab[os_type];
> else
> os = "(unknown os)";
> --
> 2.14.0.rc0.284.gd933b75aa4-goog
>
Cheers, Andreas
Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)
Powered by blists - more mailing lists