Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 1bf95c455d23d3eec931919965a0f7d4705bda8b
commit1bf95c455d23d3eec931919965a0f7d4705bda8b[log] [tgz]
authorDan Carpenter <dan.carpenter@oracle.com>Tue Oct 29 22:06:04 2013 +0300
committerchrmhoffmann <chrmhoffmann@gmail.com>Sun Apr 05 10:19:01 2020 +0200
treec5034ded5af490f868462b686a30c18f29cec027
parent71c5d5fbe4c2b897908c7a08faa922dd12b11e48 [diff]
uml: check length in exitcode_proc_write()

commit 201f99f170df14ba52ea4c52847779042b7a623b upstream.

We don't cap the size of buffer from the user so we could write past the
end of the array here.  Only root can write to this file.

Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: c5034ded5af490f868462b686a30c18f29cec027
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS