a7y18lte-ubports/android_kernel_samsung_universal7885
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
se9.0
android_kernel_samsung_univ.../fs/ncpfs
History
Dan Carpenter badf74b65f staging: ncpfs: memory corruption in ncp_read_kernel() 
commit 4c41aa24baa4ed338241d05494f2c595c885af8f upstream.

If the server is malicious then *bytes_read could be larger than the
size of the "target" buffer.  It would lead to memory corruption when we
do the memcpy().

Reported-by: Dr Silvio Cesare of InfoSect <Silvio Cesare <silvio.cesare@gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-28 18:40:15 +02:00
..
dir.c
file.c
getopt.c
getopt.h
inode.c
ioctl.c
Kconfig
Makefile
mmap.c
ncp_fs_i.h
ncp_fs_sb.h
ncp_fs.h
ncplib_kernel.c
ncplib_kernel.h
ncpsign_kernel.c
ncpsign_kernel.h
sock.c
symlink.c