Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-09 06:33:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c284f760b1
linux-stable/net/irda
History
Dan Rosenberg 9345707d16 irda: prevent heap corruption on invalid nickname 
commit d50e7e3604 upstream.

Invalid nicknames containing only spaces will result in an underflow in
a memcpy size calculation, subsequently destroying the heap and
panicking.

v2 also catches the case where the provided nickname is longer than the
buffer size, which can result in controllable heap corruption.

Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-04-30 16:53:26 +02:00
..
ircomm tty: Ldisc revamp 2008-07-20 17:12:34 -07:00
irlan irda: off by one 2010-09-20 13:03:20 -07:00
irnet irda: prevent heap corruption on invalid nickname 2011-04-30 16:53:26 +02:00
af_irda.c irda: Fix irda_getname() leak 2009-09-08 20:17:38 -07:00
discovery.c irda: Fix a misalign access issue. (v2) 2008-05-13 23:25:57 -07:00
irda_device.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
iriap_event.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
iriap.c irda: validate peer name and attribute lengths 2011-04-30 16:53:26 +02:00
irias_object.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irlap_event.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irlap_frame.c netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
irlap.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irlmp_event.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irlmp_frame.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irlmp.c irda: Fix a misalign access issue. (v2) 2008-05-13 23:25:57 -07:00
irmod.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irnetlink.c irda: Fix netlink error path return value 2008-07-08 03:07:43 -07:00
irproc.c [IRDA]: Use proc_create() to setup ->proc_fops first 2008-02-29 10:34:45 -08:00
irqueue.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
irsysctl.c [IrDA]: LMP discovery timer not started by default 2008-01-28 15:10:54 -08:00
irttp.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
Kconfig [S390] Kconfig: unwanted menus for s390. 2007-05-10 15:46:07 +02:00
Makefile [IrDA]: Netlink layer. 2007-07-10 22:16:43 -07:00
parameters.c irda: Fix parameter extraction stack overflow 2010-12-09 13:24:15 -08:00
qos.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00
timer.c more UTF-8 conversions 2007-10-19 23:22:11 +02:00
wrapper.c net: replace remaining __FUNCTION__ occurrences 2008-03-05 20:47:47 -08:00