diff options
| author |   Jacob von Chorus <jacobvonchorus@cwphoto.ca> | 2017-07-28 17:06:16 -0400 |
|---|---|---|
| committer |   Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-07-28 17:07:37 -0700 |
| commit | a46393aba77c870ef73beb417c48af4df43cb342 (patch) | |
| tree | 084fe9dd76bfe0e49ef22e436adb528b86a73dde /tools/perf/scripts/python/call-graph-from-postgresql.py | |
| parent | staging: skein: move macros into header file (diff) | |
| download | wireguard-linux-a46393aba77c870ef73beb417c48af4df43cb342.tar.xz wireguard-linux-a46393aba77c870ef73beb417c48af4df43cb342.zip | |
staging: gs_fpgaboot: add buffer overflow checks
Four fields in struct fpgaimage are char arrays of length MAX_STR (256).
The amount of data read into these buffers is controlled by a length
field in the bitstream file read from userspace. If a corrupt or
malicious firmware file was supplied, kernel data beyond these buffers
can be overwritten arbitrarily.
This patch adds a check of the bitstream's length value to ensure it
fits within the bounds of the allocated buffers. An error condition is
returned from gs_read_bitstream if any of the reads fail.
Signed-off-by: Jacob von Chorus <jacobvonchorus@cwphoto.ca>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'tools/perf/scripts/python/call-graph-from-postgresql.py')
0 files changed, 0 insertions, 0 deletions