Module Name: src Committed By: msaitoh Date: Wed May 14 05:16:02 UTC 2014
Modified Files: src/doc [netbsd-5-2]: CHANGES-5.2.3 Log Message: Ticket 1902. To generate a diff of this commit: cvs rdiff -u -r1.1.2.3 -r1.1.2.4 src/doc/CHANGES-5.2.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-5.2.3 diff -u src/doc/CHANGES-5.2.3:1.1.2.3 src/doc/CHANGES-5.2.3:1.1.2.4 --- src/doc/CHANGES-5.2.3:1.1.2.3 Mon Apr 28 16:06:47 2014 +++ src/doc/CHANGES-5.2.3 Wed May 14 05:16:02 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.2.3,v 1.1.2.3 2014/04/28 16:06:47 sborrill Exp $ +# $NetBSD: CHANGES-5.2.3,v 1.1.2.4 2014/05/14 05:16:02 msaitoh Exp $ A complete list of changes from the NetBSD 5.2.2 release to the NetBSD 5.2.3 release: @@ -49,3 +49,12 @@ sys/ufs/mfs/mfs_vfsops.c 1.107 a NULL pointer when particular arguments are given by a user. [maxv, ticket #1901] +src/sys/compat/linux/common/linux_exec_elf32.c 1.91 via patch + + A specially-crafted binary could easily control a kernel array index. + Add some checks to ensure that nothing will be read outside the + allocated area. Rewrite the code so that we don't need to allocate + the whole section. Spotted by several developers, patch from + chs@/enami@ + + [maxv, ticket #1902]