| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <s5habbu9wzb.wl%tiwai@suse.de> Date: Thu, 20 Nov 2008 17:35:20 +0100 From: Takashi Iwai <tiwai@...e.de> To: linux-kernel@...r.kernel.org Cc: Andrew Morton <akpm@...ux-foundation.org> Subject: [PATCH] Fix array overflow in parport_serial.c The netmos_9xx5_combo type assumes that PCI SSID provides always the correct value for the number of parallel and serial ports, but there are indeed broken devices with wrong numbers, which may result in Oops. This patch simply adds the check of the array range. Reference: Novell bnc#447067 https://bugzilla.novell.com/show_bug.cgi?id=447067 Signed-off-by: Takashi Iwai <tiwai@...e.de> --- diff --git a/drivers/parport/parport_serial.c b/drivers/parport/parport_serial.c index e2e95b3..101ed49 100644 --- a/drivers/parport/parport_serial.c +++ b/drivers/parport/parport_serial.c @@ -70,6 +70,8 @@ static int __devinit netmos_parallel_init(struct pci_dev *dev, struct parport_pc * parallel ports and <S> is the number of serial ports. */ card->numports = (dev->subsystem_device & 0xf0) >> 4; + if (card->numports > ARRAY_SIZE(card->addr)) + card->numports = ARRAY_SIZE(card->addr); return 0; } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists