OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/fs/xfs
History
Dan Rosenberg 3a3675b7f2 xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 
The FSGEOMETRY_V1 ioctl (and its compat equivalent) calls out to
xfs_fs_geometry() with a version number of 3.  This code path does not
fill in the logsunit member of the passed xfs_fsop_geom_t, leading to
the leaking of four bytes of uninitialized stack data to potentially
unprivileged callers.

v2 switches to memset() to avoid future issues if structure members
change, on suggestion of Dave Chinner.

Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
Reviewed-by: Eugene Teo <eugeneteo@kernel.org>
Signed-off-by: Alex Elder <aelder@sgi.com>
 		2011-02-22 15:06:47 -06:00
..
linux-2.6 xfs: limit extsize to size of AGs and/or MAXEXTLEN 2011-01-28 09:05:36 -06:00
quota xfs: fix dquot shaker deadlock 2011-01-28 09:05:36 -06:00
support xfs: Do not name variables "panic" 2011-01-17 12:39:07 -08:00
Kconfig quota: Make QUOTACTL config be selected by its users 2010-10-05 12:16:37 +02:00
Makefile xfs: add FITRIM support 2011-01-11 20:28:29 -06:00
xfs.h
xfs_acl.h fs: provide rcu-walk aware permission i_ops 2011-01-07 17:50:29 +11:00
xfs_ag.h xfs: convert pag_ici_lock to a spin lock 2010-12-16 17:08:41 +11:00
xfs_alloc.c xfs: add FITRIM support 2011-01-11 20:28:29 -06:00
xfs_alloc.h xfs: limit extent length for allocation to AG size 2011-01-28 09:05:35 -06:00
xfs_alloc_btree.c xfs: remove the ->kill_root btree operation 2010-10-18 15:07:38 -05:00
xfs_alloc_btree.h
xfs_arch.h
xfs_attr.c xfs: remove xfs_buf wrappers 2010-10-18 15:08:07 -05:00
xfs_attr.h
xfs_attr_leaf.c xfs: use KM_NOFS for allocations during attribute list operations 2010-12-23 11:57:37 +11:00
xfs_attr_leaf.h
xfs_attr_sf.h
xfs_bit.c
xfs_bit.h
xfs_bmap.c xfs: xfs_bmap_add_extent_delay_real should init br_startblock 2011-01-28 09:13:29 -06:00
xfs_bmap.h xfs: fix failed write truncation handling. 2010-12-01 07:40:19 -06:00
xfs_bmap_btree.c
xfs_bmap_btree.h
xfs_btree.c xfs: connect up buffer reclaim priority hooks 2010-12-02 16:31:13 +11:00
xfs_btree.h xfs: remove the ->kill_root btree operation 2010-10-18 15:07:38 -05:00
xfs_btree_trace.c
xfs_btree_trace.h
xfs_buf_item.c xfs: fix efi item leak on forced shutdown 2011-01-28 09:01:33 -06:00
xfs_buf_item.h xfs: use struct list_head for the buf cancel table 2010-12-16 16:05:22 -06:00
xfs_da_btree.c xfs: remove xfs_buf wrappers 2010-10-18 15:08:07 -05:00
xfs_da_btree.h
xfs_dfrag.c xfs: delayed alloc blocks beyond EOF are valid after writeback 2010-12-01 07:40:20 -06:00
xfs_dfrag.h
xfs_dinode.h xfs: Extend project quotas to support 32bit project ids 2010-10-18 15:08:08 -05:00
xfs_dir2.c
xfs_dir2.h
xfs_dir2_block.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_dir2_block.h
xfs_dir2_data.c
xfs_dir2_data.h
xfs_dir2_leaf.c xfs: remove xfs_buf wrappers 2010-10-18 15:08:07 -05:00
xfs_dir2_leaf.h
xfs_dir2_node.c
xfs_dir2_node.h
xfs_dir2_sf.c
xfs_dir2_sf.h
xfs_error.c xfs: prevent NMI timeouts in cmn_err 2011-01-12 08:46:41 -06:00
xfs_error.h xfs: prevent NMI timeouts in cmn_err 2011-01-12 08:46:41 -06:00
xfs_extfree_item.c xfs: fix efi item leak on forced shutdown 2011-01-28 09:01:33 -06:00
xfs_extfree_item.h xfs: Pull EFI/EFD handling out from under the AIL lock 2010-12-20 11:59:49 +11:00
xfs_filestream.c xfs: tell lockdep about parent iolock usage in filestreams 2010-11-10 12:00:48 -06:00
xfs_filestream.h xfs: clean up filestreams helpers 2010-07-26 13:16:51 -05:00
xfs_fs.h xfs: Extend project quotas to support 32bit project ids 2010-10-18 15:08:08 -05:00
xfs_fsops.c xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 2011-02-22 15:06:47 -06:00
xfs_fsops.h xfs: ensure log covering transactions are synchronous 2011-01-11 20:28:17 -06:00
xfs_ialloc.c xfs: remove xfs_buf wrappers 2010-10-18 15:08:07 -05:00
xfs_ialloc.h
xfs_ialloc_btree.c xfs: remove the ->kill_root btree operation 2010-10-18 15:07:38 -05:00
xfs_ialloc_btree.h
xfs_iget.c Merge branch 'master' into for-linus-merged 2011-01-10 21:35:55 -06:00
xfs_inode.c xfs: connect up buffer reclaim priority hooks 2010-12-02 16:31:13 +11:00
xfs_inode.h xfs: don't truncate prealloc from frequently accessed inodes 2010-12-23 12:02:31 +11:00
xfs_inode_item.c xfs: remove all the inodes on a buffer from the AIL in bulk 2010-12-20 12:03:17 +11:00
xfs_inode_item.h
xfs_inum.h
xfs_iomap.c xfs: speculative delayed allocation uses rounddown_power_of_2 badly 2011-01-28 09:05:35 -06:00
xfs_iomap.h xfs: kill xfs_iomap 2010-12-16 16:05:51 -06:00
xfs_itable.c xfs: Extend project quotas to support 32bit project ids 2010-10-18 15:08:08 -05:00
xfs_itable.h
xfs_log.c xfs: prevent NMI timeouts in cmn_err 2011-01-12 08:46:41 -06:00
xfs_log.h xfs: handle CIl transaction commit failures correctly 2011-01-28 09:05:36 -06:00
xfs_log_cil.c xfs: handle CIl transaction commit failures correctly 2011-01-28 09:05:36 -06:00
xfs_log_priv.h xfs: convert grant head manipulations to lockless algorithm 2010-12-21 12:29:14 +11:00
xfs_log_recover.c xfs: prevent NMI timeouts in cmn_err 2011-01-12 08:46:41 -06:00
xfs_log_recover.h
xfs_mount.c xfs: convert pag_ici_lock to a spin lock 2010-12-16 17:08:41 +11:00
xfs_mount.h xfs: dynamic speculative EOF preallocation 2011-01-04 11:35:03 +11:00
xfs_mru_cache.c workqueue: convert cancel_rearming_delayed_work[queue]() users to cancel_delayed_work_sync() 2010-12-15 10:56:11 +01:00
xfs_mru_cache.h
xfs_quota.h xfs: fix a few compiler warnings with CONFIG_XFS_QUOTA=n 2010-11-10 12:00:48 -06:00
xfs_rename.c xfs: log timestamp changes to the source inode in rename 2010-12-09 17:07:02 -06:00
xfs_rtalloc.c xfs: use unhashed buffers for size checks 2010-10-18 15:07:50 -05:00
xfs_rtalloc.h
xfs_rw.c
xfs_rw.h
xfs_sb.h xfs: Extend project quotas to support 32bit project ids 2010-10-18 15:08:08 -05:00
xfs_trans.c xfs: handle CIl transaction commit failures correctly 2011-01-28 09:05:36 -06:00
xfs_trans.h xfs: connect up buffer reclaim priority hooks 2010-12-02 16:31:13 +11:00
xfs_trans_ail.c xfs: use AIL bulk delete function to implement single delete 2010-12-20 12:36:15 +11:00
xfs_trans_buf.c xfs: remove xfs_buf wrappers 2010-10-18 15:08:07 -05:00
xfs_trans_extfree.c xfs: Pull EFI/EFD handling out from under the AIL lock 2010-12-20 11:59:49 +11:00
xfs_trans_inode.c xfs: don't use vfs writeback for pure metadata modifications 2010-10-18 15:07:45 -05:00
xfs_trans_priv.h xfs: use AIL bulk delete function to implement single delete 2010-12-20 12:36:15 +11:00
xfs_trans_space.h
xfs_types.h xfs: Extend project quotas to support 32bit project ids 2010-10-18 15:08:08 -05:00
xfs_utils.c xfs: remove xfs_cred.h 2010-10-18 15:08:06 -05:00
xfs_utils.h xfs: remove xfs_cred.h 2010-10-18 15:08:06 -05:00
xfs_vnodeops.c xfs: don't truncate prealloc from frequently accessed inodes 2010-12-23 12:02:31 +11:00
xfs_vnodeops.h xfs: remove xfs_cred.h 2010-10-18 15:08:06 -05:00