[PATCH 2.4] Fix d_path() truncating excessive long path name vulnerability

From: Marc-Christian Petersen (m.c.p@wolk-project.de)
Date: Mon Dec 09 2002 - 21:28:21 EST

Hi Marcelo,

there isn't fixed the d_path() long name truncation vulnerability
(see http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00384.html) in
2.4.x up to 2.4.21-BK.

This trivial patch fixes it. Instead of truncating the path with no error,
caller gets ENAMETOOLONG.

Patch credits go to Jirka Kosina.

Has been in WOLK and in -aa kernels for ages.

ciao, Marc

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Sun Dec 15 2002 - 22:00:16 EST