OSDN Git Service

(root) / android-x86 / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8c74888) | patch
cifs: prevent integer overflow in nxt_dir_entry()
authorDan Carpenter <dan.carpenter@oracle.com>
Thu, 6 Sep 2018 09:47:51 +0000 (12:47 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 26 Sep 2018 06:39:33 +0000 (08:39 +0200)
commitbf1c05755d450ae2b3c8d4b703ff4ebed4c6c53b
treeac1c38c00ca53ee69b825b87ea4f0abeed360852tree | snapshot
parent8c7488864bdf16d1fdcc0065f7461afc54971e1fcommit | diff
cifs: prevent integer overflow in nxt_dir_entry()

commit 8ad8aa353524d89fa2e09522f3078166ff78ec42 upstream.

The "old_entry + le32_to_cpu(pDirInfo->NextEntryOffset)" can wrap
around so I have added a check for integer overflow.

Reported-by: Dr Silvio Cesare of InfoSect <silvio.cesare@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/cifs/readdir.c diff | blob | history
kernel
About OSDN
Find Software
Develop Software
Help