Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / e18ed145c7f556f1de8350c32739bf35b26df705
commite18ed145c7f556f1de8350c32739bf35b26df705[log] [tgz]
authorChristian Engelmayer <christian.engelmayer@frequentis.com>Mon Jun 29 19:31:41 2009 -0700
committerDavid S. Miller <davem@davemloft.net>Mon Jun 29 19:31:41 2009 -0700
treea238f98c80917c37dc46dabf19a7d5510605968b
parent2bf427b25b79eb7cea27963a66c3d4684cae0e0c [diff]
ide: memory overrun in ide_get_identity_ioctl() on big endian machines using ioctl HDIO_OBSOLETE_IDENTITY

This patch fixes a memory overrun in function ide_get_identity_ioctl() which
chooses the size of a memory buffer depending on the ioctl command that led
to the function call, however, passes that buffer to a function which needs the
buffer size to be always chosen unconditionally.

Due to conditional compilation the memory overrun can only happen on big endian
machines. The error can be triggered using ioctl HDIO_OBSOLETE_IDENTITY. Usage
of ioctl HDIO_GET_IDENTITY is safe.

Signed-off-by: Christian Engelmayer <christian.engelmayer@frequentis.com>
Acked-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 file changed
tree: a238f98c80917c37dc46dabf19a7d5510605968b
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS