| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241101174705.12682-2-dpenkler@gmail.com> Date: Fri, 1 Nov 2024 18:46:57 +0100 From: Dave Penkler <dpenkler@...il.com> To: gregkh@...uxfoundation.org, linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org Cc: skhan@...uxfoundation.org, arnd@...db.de, Dave Penkler <dpenkler@...il.com> Subject: [PATCH 1/9] Fix buffer overflow in ni_usb_init The writes buffer size was taking into accont the number of entries causing random oopses. Signed-off-by: Dave Penkler <dpenkler@...il.com> --- drivers/staging/gpib/ni_usb/ni_usb_gpib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/gpib/ni_usb/ni_usb_gpib.c b/drivers/staging/gpib/ni_usb/ni_usb_gpib.c index 571f07800c9a..9ff56b063681 100644 --- a/drivers/staging/gpib/ni_usb/ni_usb_gpib.c +++ b/drivers/staging/gpib/ni_usb/ni_usb_gpib.c @@ -1726,7 +1726,7 @@ static int ni_usb_init(gpib_board_t *board) unsigned int ibsta; int writes_len; - writes = kmalloc(sizeof(*writes), GFP_KERNEL); + writes = kmalloc(sizeof(*writes) * NUM_INIT_WRITES, GFP_KERNEL); if (!writes) return -ENOMEM; -- 2.46.2
Powered by blists - more mailing lists