| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1485648328-2141-61-git-send-email-jsimmons@infradead.org>
Date: Sat, 28 Jan 2017 19:05:28 -0500
From: James Simmons <jsimmons@...radead.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
devel@...verdev.osuosl.org,
Andreas Dilger <andreas.dilger@...el.com>,
Oleg Drokin <oleg.drokin@...el.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Lustre Development List <lustre-devel@...ts.lustre.org>,
James Simmons <jsimmons@...radead.org>
Subject: [PATCH 60/60] staging: lustre: libcfs: fix minimum size check for libcfs ioctl
The check for the smallest ioctl data in libcfs_ioctl_getdata()
is incorrect. Instead of checking against struct libcfs_ioctl_data
compare the size to struct libcfs_ioctl_hdr.
Reported-by: Doug Oucharek <doug.s.oucharek@...el.com>
Signed-off-by: James Simmons <jsimmons@...radead.org>
---
drivers/staging/lustre/lnet/libcfs/linux/linux-module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/linux/linux-module.c b/drivers/staging/lustre/lnet/libcfs/linux/linux-module.c
index 3f5d58b..bda6c16 100644
--- a/drivers/staging/lustre/lnet/libcfs/linux/linux-module.c
+++ b/drivers/staging/lustre/lnet/libcfs/linux/linux-module.c
@@ -134,7 +134,7 @@ int libcfs_ioctl_getdata(struct libcfs_ioctl_hdr **hdr_pp,
return -EINVAL;
}
- if (hdr.ioc_len < sizeof(struct libcfs_ioctl_data)) {
+ if (hdr.ioc_len < sizeof(hdr)) {
CERROR("libcfs ioctl: user buffer too small for ioctl\n");
return -EINVAL;
}
--
1.8.3.1
Powered by blists - more mailing lists