CVSROOT: /cvs Module name: src Changes by: [email protected] 2010/06/21 07:28:09
Modified files:
sys/dev : vscsi.c
Log message:
fix an integer arithmetic overflow.
An attacker can get past the ENOMEM check in vscsi_data() by first
reading/writing 1 byte and then reading/writing 0xffffffff bytes.
found and fixed by matthew dempsky
