On Wed, Oct 24, 2012 at 2:02 PM, Andrew Morton <[email protected]> wrote:
> On Wed, 24 Oct 2012 13:57:56 -0700
> Kees Cook <[email protected]> wrote:
>
>> Fix possible overflow of the buffer used for expanding environment
>> variables when building file list.
>>
>> $ cat usr/crash.list
>> file foo ${BIG}${BIG}${BIG}${BIG}${BIG}${BIG} 0755 0 0
>> $ BIG=$(perl -e 'print "A" x 4096;') ./usr/gen_init_cpio usr/crash.list
>> *** buffer overflow detected ***: ./usr/gen_init_cpio terminated
>>
>> This also replaces the space-indenting with tabs.
>>
>> Patch based on existing fix extracted from grsecurity.
>>
>> ...
>>
>> Cc: [email protected]
>
> Why did you feel we need to backport this to -stable?

It's an extremely hard to hit security issue, but it's a security fix
regardless. I won't cry if it doesn't go to stable, but it seems a
trivial fix, so I included it for stable.

-Kees

-- 
Kees Cook
Chrome OS Security
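
One way to expand `${NAME}` references into a fixed buffer with every write checked against the space left, shown on the crash.list line from the report. This is an added example, not part of the thread and not the gen_init_cpio code or the patch under discussion; `expand_bounded`, `demo_lookup`, the 8192-byte buffer and the lookup standing in for getenv() are hypothetical and constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for getenv(): BIG is 4096 'A's, anything else is "". */
static const char *demo_lookup(const char *name)
{
	static char big[4097];	/* zero-initialised, so always terminated */
	memset(big, 'A', sizeof(big) - 1);
	return strcmp(name, "BIG") == 0 ? big : "";
}

/* Expand ${NAME} into out[outsz]; 0 on success, -1 if it cannot be done safely. */
static int expand_bounded(const char *in, char *out, size_t outsz,
			  const char *(*lookup)(const char *))
{
	size_t used = 0;
	char name[64];
	if (outsz == 0)
		return -1;
	for (out[0] = '\0'; *in; in++) {
		const char *src = in, *end;
		size_t n = 1;			/* default: one literal byte */
		if (in[0] == '$' && in[1] == '{') {
			end = strchr(in + 2, '}');
			n = end ? (size_t)(end - in - 2) : sizeof(name);
			if (n >= sizeof(name))
				return -1;	/* unterminated or oversized name */
			memcpy(name, in + 2, n);
			name[n] = '\0';
			src = lookup(name);
			n = strlen(src);
			in = end;		/* loop increment skips the '}' */
		}
		if (n >= outsz - used)		/* n bytes plus the NUL must fit */
			return -1;
		memcpy(out + used, src, n);
		used += n;
		out[used] = '\0';
	}
	return 0;
}

int main(void)
{
	char buf[8192];		/* constructed size; six BIGs need 24 KiB */
	const char *line = "file foo ${BIG}${BIG}${BIG}${BIG}${BIG}${BIG} 0755 0 0";
	printf("rc=%d\n", expand_bounded(line, buf, sizeof(buf), demo_lookup));
	return 0;
}
```

The expansion stops with -1 at the second `${BIG}`, leaving a terminated partial string in the buffer instead of writing past its end.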

