Hi Marcelo,
there isn't fixed the d_path() long name truncation vulnerability
(see http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00384.html) in
2.4.x up to 2.4.21-BK.
This trivial patch fixes it. Instead of truncating the path with no error,
caller gets ENAMETOOLONG.
Patch credits go to Jirka Kosina.
Has been in WOLK and in -aa kernels for ages.
ciao, Marc
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Dec 15 2002 - 22:00:16 EST