1
linux/fs
Jan Kara 2deb1acc65 isofs: fix access to unallocated memory when reading corrupted filesystem
When a directory on isofs is corrupted, we did not check whether length of the
name in a directory entry and the length of the directory entry itself are
consistent.  This could lead to possible access beyond the end of buffer when
the length of the name was too big.  Add this sanity check to directory
reading code.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-30 08:29:33 -07:00
..
9p [PATCH] restore sane ->umount_begin() API 2008-04-25 09:23:25 -04:00
adfs adfs: work around bogus sparse warning 2008-04-29 08:05:59 -07:00
affs fs/affs/file.c: use BUG_ON 2008-04-29 08:06:02 -07:00
afs afs: support the CB.ProbeUuid RPC op 2008-04-29 08:06:26 -07:00
autofs
autofs4 autofs4: fix sparse warning in root.c 2008-04-29 08:06:01 -07:00
befs befs: fix sparse warning in linuxvfs.c 2008-04-29 08:05:59 -07:00
bfs
cifs proc: remove proc_root_fs 2008-04-29 08:06:18 -07:00
coda codafs: fix build warning 2008-04-29 08:06:04 -07:00
configfs Introduce path_put() 2008-02-14 21:13:33 -08:00
cramfs fs: Remove unnecessary inclusions of asm/semaphore.h 2008-04-18 22:16:44 -04:00
debugfs debugfs: fix sparse warnings 2008-03-04 14:47:06 -08:00
devpts
dlm Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/teigland/dlm 2008-04-22 13:44:23 -07:00
ecryptfs Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
efs efs: update error msg to not refer to deleted read_inode() 2008-04-02 15:28:19 -07:00
exportfs
ext2 ext2: retry block allocation if new blocks are allocated from system zone 2008-04-28 08:58:43 -07:00
ext3 ext3: fix test ext_generic_write_end() copied return value 2008-04-29 22:01:27 -04:00
ext4 ext4: fix test ext_generic_write_end() copied return value 2008-04-29 22:01:18 -04:00
fat fat: use get/put_unaligned_* helpers 2008-04-29 08:06:28 -07:00
freevxfs fs/freevxfs/: proper externs 2008-04-29 08:06:00 -07:00
fuse [PATCH] restore sane ->umount_begin() API 2008-04-25 09:23:25 -04:00
gfs2 mm: remove nopage 2008-04-28 08:58:18 -07:00
hfs hfs: handle match_strdup failure 2008-04-29 08:06:01 -07:00
hfsplus trivial: fix user-visible typo in hfsplus 2008-04-29 13:23:21 -07:00
hostfs
hpfs
hppfs [PATCH] sanitize hppfs 2008-03-19 06:42:18 -04:00
hugetlbfs mempolicy: use struct mempolicy pointer in shmem_sb_info 2008-04-28 08:58:25 -07:00
isofs isofs: fix access to unallocated memory when reading corrupted filesystem 2008-04-30 08:29:33 -07:00
jbd jbd: replace remaining __FUNCTION__ occurrences 2008-04-28 08:58:45 -07:00
jbd2 jbd2: use non-racy method for proc entries creation 2008-04-29 08:06:20 -07:00
jffs2 [JFFS2] Introduce dbg_readinode2 log level, use it to shut read_dnode() up 2008-04-23 16:43:15 +01:00
jfs proc: remove proc_root_fs 2008-04-29 08:06:18 -07:00
lockd locks: don't call ->copy_lock methods on return of conflicting locks 2008-04-25 13:00:11 -04:00
minix
msdos fat: fat_notify_change() and check_mode() cleanup 2008-04-28 08:58:47 -07:00
ncpfs ncpfs: use get/put_unaligned_* helpers 2008-04-29 08:06:28 -07:00
nfs nfs: use proc_create to setup de->proc_fops 2008-04-29 08:06:20 -07:00
nfs_common
nfsd nfsd: use proc_create to setup de->proc_fops 2008-04-29 08:06:20 -07:00
nls
ntfs Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
ocfs2 [PATCH] r/o bind mounts: elevate write count for ioctls() 2008-04-19 00:29:24 -04:00
openpromfs
partitions fat: detect media without partition table correctly 2008-04-28 08:58:47 -07:00
proc sysctl: add the ->permissions callback on the ctl_table_root 2008-04-29 08:06:23 -07:00
qnx4
ramfs fs/ramfs/ extern cleanup 2008-04-29 08:06:00 -07:00
reiserfs reiserfs: use non-racy method for proc entries creation 2008-04-29 08:06:20 -07:00
romfs ROMFS: Fix up an error in iget removal 2008-03-19 18:53:36 -07:00
smbfs NULL noise: fs/*, mm/*, kernel/* 2008-03-30 14:18:41 -07:00
sysfs [SCSI] sysfs: make group is_valid return a mode_t 2008-04-22 15:16:31 -05:00
sysv
udf udf: fix sparse warning in namei.c 2008-04-28 08:58:46 -07:00
ufs ufs: replace __inline with inline 2008-04-28 08:58:45 -07:00
vfat fat: use __getname() 2008-04-28 08:58:47 -07:00
xfs [XFS] Include linux/random.h in all builds, not just debug. 2008-04-30 07:53:50 -07:00
aio.c aio: fix misleading comments 2008-04-29 08:06:29 -07:00
anon_inodes.c [PATCH] fix up new filp allocators 2008-03-19 06:54:05 -04:00
attr.c
bad_inode.c
binfmt_aout.c fs/binfmt_aout.c: use printk_ratelimit() 2008-04-29 08:06:04 -07:00
binfmt_elf_fdpic.c fdpic: check that the size returned by kernel_read() is what we asked for 2008-04-29 08:06:05 -07:00
binfmt_elf.c elf: fix shadowed variables in fs/binfmt_elf.c 2008-04-29 08:06:16 -07:00
binfmt_em86.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_flat.c procfs task exe symlink 2008-04-29 08:06:17 -07:00
binfmt_misc.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_script.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_som.c [PATCH] sanitize handling of shared descriptor tables in failing execve() 2008-04-25 09:23:53 -04:00
bio.c block: add dma alignment and padding support to blk_rq_map_kern 2008-04-29 09:50:34 +02:00
block_dev.c fs/block_dev.c: remove #if 0'ed code 2008-02-19 10:04:00 +01:00
buffer.c make fs/buffer.c:cont_expand_zero() static 2008-04-29 08:06:01 -07:00
char_dev.c fs: remove unused fops from struct char_device_struct 2008-04-29 08:06:01 -07:00
compat_binfmt_elf.c
compat_ioctl.c d_path: Make d_path() use a struct path 2008-02-14 21:17:09 -08:00
compat.c Merge branch 'linus_origin' into hotfixes 2008-02-15 13:36:30 -05:00
dcache.c [patch 2/7] vfs: mountinfo: add seq_file_root() 2008-04-23 00:04:38 -04:00
dcookies.c d_path: Make d_path() use a struct path 2008-02-14 21:17:09 -08:00
direct-io.c
dnotify.c
dquot.c quota: quota core changes for quotaon on remount 2008-04-28 08:58:33 -07:00
drop_caches.c vfs: skip inodes without pages to free in drop_pagecache_sb() 2008-04-29 08:06:05 -07:00
eventfd.c
eventpoll.c epoll: avoid kmemcheck warning 2008-04-29 08:05:59 -07:00
exec.c procfs task exe symlink 2008-04-29 08:06:17 -07:00
fcntl.c [PATCH] sanitize locate_fd() 2008-04-25 09:24:05 -04:00
fifo.c
file_table.c [PATCH] r/o bind mounts: debugging for missed calls 2008-04-19 00:29:28 -04:00
file.c
filesystems.c
fs-writeback.c fs/fs-writeback.c: make 2 functions static 2008-04-29 08:06:00 -07:00
generic_acl.c
inode.c fs/inode.c: use hlist_for_each_entry() 2008-04-29 08:06:06 -07:00
inotify_user.c Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
inotify.c
internal.h [PATCH] move a bunch of declarations to fs/internal.h 2008-04-21 23:11:01 -04:00
ioctl.c make vfs_ioctl() static 2008-04-29 08:06:00 -07:00
ioprio.c
Kconfig Merge git://git.linux-nfs.org/projects/trondmy/nfs-2.6 2008-04-24 11:46:16 -07:00
Kconfig.binfmt make BINFMT_FLAT a bool 2008-04-29 08:06:01 -07:00
libfs.c
locks.c Export __locks_copy_lock() so modular lockd builds 2008-04-25 15:49:46 -07:00
Makefile
mbcache.c vfs: fix possible deadlock in ext2, ext3, ext4 when using xattrs 2008-04-15 19:35:41 -07:00
mpage.c docbook: fix filesystems.tmpl source files 2008-03-03 10:47:13 -08:00
namei.c cgroups: implement device whitelist 2008-04-29 08:06:09 -07:00
namespace.c vfs: remove lives_below_in_same_fs() 2008-04-29 08:06:06 -07:00
nfsctl.c Introduce path_put() 2008-02-14 21:13:33 -08:00
no-block.c
open.c xip: support non-struct page backed memory 2008-04-28 08:58:23 -07:00
pipe.c [PATCH] double-free of inode on alloc_file() failure exit in create_write_pipe() 2008-04-22 19:54:57 -04:00
pnode.c [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
pnode.h [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
posix_acl.c
quota_v1.c quota: do not allow setting of quota limits to too high values 2008-04-28 08:58:32 -07:00
quota_v2.c quota: do not allow setting of quota limits to too high values 2008-04-28 08:58:32 -07:00
quota.c quota: quota core changes for quotaon on remount 2008-04-28 08:58:33 -07:00
read_write.c fs: use loff_t type instead of long long 2008-04-22 15:17:11 -07:00
read_write.h
readdir.c
select.c trivial: small cleanups 2008-04-21 22:15:06 +00:00
seq_file.c [patch 2/7] vfs: mountinfo: add seq_file_root() 2008-04-23 00:04:38 -04:00
signalfd.c signalfd: fix for incorrect SI_QUEUE user data reporting 2008-04-11 08:06:44 -07:00
splice.c relay: fix splice problem 2008-04-29 09:48:15 +02:00
stack.c
stat.c Introduce path_put() 2008-02-14 21:13:33 -08:00
super.c make __put_super() static 2008-04-29 08:06:00 -07:00
sync.c vfs: fix unconditional write_super() call in file_fsync() 2008-04-29 08:06:06 -07:00
timerfd.c fs/timerfd.c should #include <linux/syscalls.h> 2008-04-29 08:06:01 -07:00
utimes.c [PATCH] r/o bind mounts: elevate write count for do_utimes() 2008-04-19 00:29:24 -04:00
xattr_acl.c
xattr.c xattr: add missing consts to function arguments 2008-04-29 08:06:06 -07:00