Re: Potential xdr_xcode_array2 security issue

From: Florian Weimer
Date: Thu Jun 23 2005 - 05:53:32 EST

Next message: Gerrit Huizenga: "[patch 34/38] CKRM e18: Fix compile warnings and delete dead code"
Previous message: Mike Bell: "Re: [GIT PATCH] Remove devfs from 2.6.12-git"
In reply to: Andreas Gruenbacher: "Re: Potential xdr_xcode_array2 security issue (was: Re: [PATCH] RPC: Encode and decode arbitrary XDR arrays)"
Next in thread: Andreas Gruenbacher: "Re: Potential xdr_xcode_array2 security issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Andreas Gruenbacher:

> On Thursday 23 June 2005 07:48, Florian Weimer wrote:
>> This looks suspiciously like CVE-2002-0391.
>
> Thanks, Florian. How about the attached patch?

I don't know the code, so I can't tell if you must protect against
desc->elem_size beign zero. I also don't understand the second hunk.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gerrit Huizenga: "[patch 34/38] CKRM e18: Fix compile warnings and delete dead code"
Previous message: Mike Bell: "Re: [GIT PATCH] Remove devfs from 2.6.12-git"
In reply to: Andreas Gruenbacher: "Re: Potential xdr_xcode_array2 security issue (was: Re: [PATCH] RPC: Encode and decode arbitrary XDR arrays)"
Next in thread: Andreas Gruenbacher: "Re: Potential xdr_xcode_array2 security issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]