This is a note to let you know that I've just added the patch titled
rose: Fix signedness issues wrt. digi count.
to the 2.6.27-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
rose-fix-signedness-issues-wrt.-digi-count.patch
and it can be found in the queue-2.6.27 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 34e098a21b709f12c63f98eded0af87e28581eb0 Mon Sep 17 00:00:00 2001
From: David S. Miller <[email protected]>
Date: Mon, 20 Sep 2010 15:40:35 -0700
Subject: rose: Fix signedness issues wrt. digi count.
From: David S. Miller <[email protected]>
[ Upstream commit 9828e6e6e3f19efcb476c567b9999891d051f52f ]
Just use explicit casts, since we really can't change the
types of structures exported to userspace which have been
around for 15 years or so.
Reported-by: Dan Rosenberg <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/rose/af_rose.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/net/rose/af_rose.c
+++ b/net/rose/af_rose.c
@@ -680,7 +680,7 @@ static int rose_bind(struct socket *sock
if (addr_len == sizeof(struct sockaddr_rose) && addr->srose_ndigis > 1)
return -EINVAL;
- if (addr->srose_ndigis > ROSE_MAX_DIGIS)
+ if ((unsigned int) addr->srose_ndigis > ROSE_MAX_DIGIS)
return -EINVAL;
if ((dev = rose_dev_get(&addr->srose_addr)) == NULL) {
@@ -740,7 +740,7 @@ static int rose_connect(struct socket *s
if (addr_len == sizeof(struct sockaddr_rose) && addr->srose_ndigis > 1)
return -EINVAL;
- if (addr->srose_ndigis > ROSE_MAX_DIGIS)
+ if ((unsigned int) addr->srose_ndigis > ROSE_MAX_DIGIS)
return -EINVAL;
/* Source + Destination digis should not exceed ROSE_MAX_DIGIS */
Patches currently in stable-queue which might be from [email protected] are
queue-2.6.27/can-bcm-fix-minor-heap-overflow.patch
queue-2.6.27/xfrm4-strip-ecn-and-ip-precedence-bits-in-policy-lookup.patch
queue-2.6.27/x25-prevent-crashing-when-parsing-bad-x.25-facilities.patch
queue-2.6.27/net-clear-heap-allocations-for-privileged-ethtool-actions.patch
queue-2.6.27/ipv6-conntrack-add-member-of-user-to-nf_ct_frag6_queue-structure.patch
queue-2.6.27/tcp-fix-race-in-tcp_poll.patch
queue-2.6.27/rose-fix-signedness-issues-wrt.-digi-count.patch
queue-2.6.27/limit-sysctl_tcp_mem-and-sysctl_udp_mem-initializers-to-prevent-integer-overflows.patch
queue-2.6.27/decnet-don-t-leak-uninitialized-stack-byte.patch
queue-2.6.27/x25-patch-to-fix-bug-15678-x25-accesses-fields-beyond-end-of-packet.patch
queue-2.6.27/net-fix-ipv6-pmtu-disc.-w-asymmetric-routes.patch
queue-2.6.27/net-fix-the-condition-passed-to-sk_wait_event.patch
queue-2.6.27/net-truncate-recvfrom-and-sendto-length-to-int_max.patch
queue-2.6.27/memory-corruption-in-x.25-facilities-parsing.patch
_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable
