projects / GitHub / MotorolaMobilityLLC / kernel-slsi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 065a68f) | patch
ceph: fix bounds check in ceph_decode_need and ceph_encode_need
authorXi Wang <xi.wang@gmail.com>
Fri, 20 Apr 2012 20:49:44 +0000 (15:49 -0500)
committerAlex Elder <elder@dreamhost.com>
Mon, 14 May 2012 17:12:27 +0000 (12:12 -0500)
commit76aa542fb90e3e91edb1146d10ca7cf2cae8e7e9
treed01a137e60126d140790c64f1a3994c62792b61etree | snapshot (tar.gz zip)
parent065a68f9167e20f321a62d044cb2c3024393d455commit | diff
ceph: fix bounds check in ceph_decode_need and ceph_encode_need

Given a large n, the bounds check (*p + n > end) can be bypassed due to
pointer wraparound.  A safer check is (n > end - *p).

[elder@dreamhost.com: inverted test and renamed ceph_has_room()]

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Reviewed-by: Alex Elder <elder@dreamhost.com>
include/linux/ceph/decode.h diff | blob | blame | history
Motorola kernel-slsi