e300839da4
Presently, firewire-core only checks whether descriptors that are to be added by userspace drivers to the local node's config ROM do not exceed a size of 256 quadlets. However, the sum of the bare minimum ROM plus all descriptors (from firewire-core, from firewire-net, from userspace) must not exceed 256 quadlets. Otherwise, the bounds of a statically allocated buffer will be overwritten. If the kernel survives that, firewire-core will subsequently be unable to parse the local node's config ROM. (Note, userspace drivers can add descriptors only through device files of local nodes. These are usually only accessible by root, unlike device files of remote nodes which may be accessible to lesser privileged users.) Therefore add a test which takes the actual present and required ROM size into account for all descriptors of kernelspace and userspace drivers. Cc: stable@kernel.org Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> |
||
---|---|---|
.. | ||
core-card.c | ||
core-cdev.c | ||
core-device.c | ||
core-iso.c | ||
core-topology.c | ||
core-transaction.c | ||
core.h | ||
Kconfig | ||
Makefile | ||
net.c | ||
ohci.c | ||
ohci.h | ||
sbp2.c |