OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
42c604ba7c
linux/fs/proc
History
yonghua zheng 8c8296223f fs/proc/task_mmu.c: fix buffer overflow in add_page_map() 
Recently we met quite a lot of random kernel panic issues after enabling
CONFIG_PROC_PAGE_MONITOR.  After debuggind we found this has something
to do with following bug in pagemap:

In struct pagemapread:

  struct pagemapread {
      int pos, len;
      pagemap_entry_t *buffer;
      bool v2;
  };

pos is number of PM_ENTRY_BYTES in buffer, but len is the size of
buffer, it is a mistake to compare pos and len in add_page_map() for
checking buffer is full or not, and this can lead to buffer overflow and
random kernel panic issue.

Correct len to be total number of PM_ENTRY_BYTES in buffer.

[akpm@linux-foundation.org: document pagemapread.pos and .len units, fix PM_ENTRY_BYTES definition]
Signed-off-by: Yonghua Zheng <younghua.zheng@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-08-13 17:57:50 -07:00
..
array.c
base.c proc_fill_cache(): clean up, get rid of pointless find_inode_number() use 2013-06-29 12:57:19 +04:00
cmdline.c
consoles.c
cpuinfo.c
devices.c
fd.c proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
fd.h proc: Move proc_fd() to fs/proc/fd.h 2013-05-01 17:29:39 -04:00
generic.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
inode.c proc: Split the namespace stuff out into linux/proc_ns.h 2013-05-01 17:29:39 -04:00
internal.h proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
interrupts.c
Kconfig
kcore.c fs/proc/kcore.c: using strlcpy() instead of strncpy() 2013-07-03 16:08:02 -07:00
kmsg.c kmsg: honor dmesg_restrict sysctl on /dev/kmsg 2013-06-12 16:29:44 -07:00
loadavg.c
Makefile
meminfo.c
namespaces.c proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
nommu.c
page.c
proc_devtree.c proc_devtree: Replace include linux/module.h with linux/export.h 2013-05-04 15:31:01 -04:00
proc_net.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
proc_sysctl.c Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
proc_tty.c
root.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
self.c
softirqs.c
stat.c
task_mmu.c fs/proc/task_mmu.c: fix buffer overflow in add_page_map() 2013-08-13 17:57:50 -07:00
task_nommu.c
uptime.c fs/proc/uptime.c:uptime_proc_show(): use get_monotonic_boottime() 2013-07-03 16:08:02 -07:00
version.c
vmcore.c s390/kdump: Disable mmap for s390 2013-07-18 13:40:18 +02:00