Author: arekm Date: Sun Feb 10 19:20:34 2008 GMT
Module: SOURCES Tag: LINUX_2_6_22
---- Log message:
- more complete one from debian bts
---- Files affected:
SOURCES:
kernel-vmsplice.patch (1.1.2.1 -> 1.1.2.2)
---- Diffs:
================================================================
Index: SOURCES/kernel-vmsplice.patch
diff -u SOURCES/kernel-vmsplice.patch:1.1.2.1
SOURCES/kernel-vmsplice.patch:1.1.2.2
--- SOURCES/kernel-vmsplice.patch:1.1.2.1 Sun Feb 10 19:22:18 2008
+++ SOURCES/kernel-vmsplice.patch Sun Feb 10 20:20:29 2008
@@ -1,15 +1,28 @@
---- a/fs/splice.c.org 2008-02-10 18:59:14.848560519 +0100
-+++ b/fs/splice.c 2008-02-10 19:17:03.955805594 +0100
-@@ -1163,6 +1163,12 @@
+diff --git a/fs/splice.c b/fs/splice.c
+index 684bca3..2d7e598 100644
+--- a/fs/splice.c
++++ b/fs/splice.c
+@@ -1122,6 +1122,11 @@ static int get_iovec_page_array(const struct iovec
__user *iov,
size_t len;
int i;
-+ /* CVE-2008-0009, CVE-2008-0010 fix */
-+ if(!access_ok(VERIFY_READ, base, len)) {
-+ error = -EFAULT;
-+ break;
++ if (!access_ok(VERIFY_READ, iov, sizeof(struct iovec))) {
++ error = -EFAULT;
++ break;
+ }
+
/*
* Get user address base and length for this iovec.
*/
+@@ -1141,6 +1146,11 @@ static int get_iovec_page_array(const struct iovec
__user *iov,
+ if (unlikely(!base))
+ break;
+
++ if (!access_ok(VERIFY_READ, base, len)) {
++ error = -EFAULT;
++ break;
++ }
++
+ /*
+ * Get this base offset and number of pages, then map
+ * in the user pages.
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-vmsplice.patch?r1=1.1.2.1&r2=1.1.2.2&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
