unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../drivers
History
Dan Carpenter 7563487cbf isdnloop: several buffer overflows 
There are three buffer overflows addressed in this patch.

1) In isdnloop_fake_err() we add an 'E' to a 60 character string and
then copy it into a 60 character buffer.  I have made the destination
buffer 64 characters and I'm changed the sprintf() to a snprintf().

2) In isdnloop_parse_cmd(), p points to a 6 characters into a 60
character buffer so we have 54 characters.  The ->eazlist[] is 11
characters long.  I have modified the code to return if the source
buffer is too long.

3) In isdnloop_command() the cbuf[] array was 60 characters long but the
max length of the string then can be up to 79 characters.  I made the
cbuf array 80 characters long and changed the sprintf() to snprintf().
I also removed the temporary "dial" buffer and changed it to use "p"
directly.

Unfortunately, we pass the "cbuf" string from isdnloop_command() to
isdnloop_writecmd() which truncates anything over 60 characters to make
it fit in card->omsg[].  (It can accept values up to 255 characters so
long as there is a '\n' character every 60 characters).  For now I have
just fixed the memory corruption bug and left the other problems in this
driver alone.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-04-08 12:41:13 -04:00
..
accessibility
acpi More ACPI and power management updates for 3.15-rc1 2014-04-02 14:10:21 -07:00
amba
ata Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
atm
auxdisplay
base Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
bcma
block Nothing exciting: virtio-blk users might see a bit of a boost from the 2014-04-02 14:43:17 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-04-02 20:53:45 -07:00
bus
cdrom
char Nothing exciting: virtio-blk users might see a bit of a boost from the 2014-04-02 14:43:17 -07:00
clk
clocksource Merge branch 'x86-nuke-platforms-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 13:15:58 -07:00
connector Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-04-02 20:53:45 -07:00
cpufreq More ACPI and power management updates for 3.15-rc1 2014-04-02 14:10:21 -07:00
cpuidle Merge branch 'sched-idle-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 16:22:27 -07:00
crypto
dca
devfreq
dio
dma
edac Merge branch 'mips-for-linux-next' of git://git.linux-mips.org/pub/scm/ralf/upstream-sfr 2014-04-02 13:40:50 -07:00
eisa
extcon
firewire
firmware Driver core / sysfs patches for 3.15-rc1 2014-04-01 16:28:19 -07:00
fmc
gpio MIPS: VR41xx: Mark GPIO lines used for IRQ 2014-03-31 18:17:12 +02:00
gpu Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2014-04-02 16:24:28 -07:00
hsi
hv Char/Misc driver patches for 3.15-rc1 2014-04-01 16:13:21 -07:00
hwmon Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-04-02 13:42:59 -07:00
hwspinlock
i2c
ide
idle
iio Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2014-04-02 16:24:28 -07:00
infiniband
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
iommu Merge branch 'for-3.15' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping 2014-04-02 14:34:25 -07:00
ipack
irqchip irqchip: sun7i/sun6i: Disable NMI before registering the handler 2014-03-31 11:12:57 +02:00
isdn isdnloop: several buffer overflows 2014-04-08 12:41:13 -04:00
leds
lguest
macintosh
mailbox
mcb
md Merge branch 'for-3.15/drivers' of git://git.kernel.dk/linux-block 2014-04-01 19:43:53 -07:00
media Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 12:51:41 -07:00
memory
memstick
message PCI changes for the v3.15 merge window: 2014-04-01 15:14:04 -07:00
mfd regulator: Updates for v3.15 2014-04-01 13:17:46 -07:00
misc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
mmc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
mtd Char/Misc driver patches for 3.15-rc1 2014-04-01 16:13:21 -07:00
net net/at91_ether: avoid NULL pointer dereference 2014-04-07 15:10:17 -04:00
nfc
ntb
nubus
of Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-04-02 20:53:45 -07:00
oprofile
parisc
parport
pci Merge branch 'x86-nuke-platforms-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 13:15:58 -07:00
pcmcia PCI changes for the v3.15 merge window: 2014-04-01 15:14:04 -07:00
phy
pinctrl Pin control bulk changes for the v3.15 series, no new core 2014-04-01 13:10:49 -07:00
platform sound updates for 3.15-rc1 2014-04-01 15:38:47 -07:00
pnp More ACPI and power management updates for 3.15-rc1 2014-04-02 14:10:21 -07:00
power
powercap
pps
ps3
ptp net: ptp: move PTP classifier in its own file 2014-04-01 16:43:18 -04:00
pwm
rapidio
regulator Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
remoteproc
reset
rpmsg
rtc
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-04-02 20:53:45 -07:00
sbus
scsi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
sfi
sh
sn
spi Merge branch 'mips-for-linux-next' of git://git.linux-mips.org/pub/scm/ralf/upstream-sfr 2014-04-02 13:40:50 -07:00
spmi
ssb
staging Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-04-02 20:53:45 -07:00
target
tc
thermal
tty TTY/Serial driver update for 3.15-rc1 2014-04-01 16:55:57 -07:00
uio
usb Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-04-02 16:23:38 -07:00
uwb
vfio PCI changes for the v3.15 merge window: 2014-04-01 15:14:04 -07:00
vhost
video Merge branch 'x86-nuke-platforms-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 13:15:58 -07:00
virt
virtio
vlynq
vme
w1
watchdog Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-04-02 13:42:59 -07:00
xen ACPI and power management updates for 3.15-rc1 2014-04-01 12:48:54 -07:00
zorro
Kconfig
Makefile