openwrt/target/linux/generic
Felix Fietkau 3848e6a246 kernel: crashlog: Avoid out-of-bounds write
vsnprintf returns the number of chars that would have been written, not
the actual number of chars written. This can lead to crashlog_buf->len
being too big which in turn can lead to get_maxlen() returning negative
numbers. The length argument of kmsg_dump_get_buffer will be casted to
a size_t which makes a negative input a big positive number allowing
kmsg_dump_get_buffer to write out of bounds.

Fix this by using vscnprintf which returns the actually written number
of chars.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 37820
2013-08-21 20:59:25 +00:00
..
base-files update the /init file to start /sbin/init 2013-03-13 18:11:13 +00:00
files kernel: drop dead pwm code 2013-08-18 01:25:41 +00:00
image rename target/linux/generic-2.6 to generic 2010-06-26 20:42:58 +00:00
patches-3.3 kernel: crashlog: Avoid out-of-bounds write 2013-08-21 20:59:25 +00:00
patches-3.6 kernel: crashlog: Avoid out-of-bounds write 2013-08-21 20:59:25 +00:00
patches-3.8 kernel: crashlog: Avoid out-of-bounds write 2013-08-21 20:59:25 +00:00
patches-3.9 kernel: crashlog: Avoid out-of-bounds write 2013-08-21 20:59:25 +00:00
patches-3.10 kernel: crashlog: Avoid out-of-bounds write 2013-08-21 20:59:25 +00:00
config-3.3 kernel: add missing config options 2013-08-02 20:13:54 +00:00
config-3.6 kernel: add missing config options 2013-08-02 20:13:54 +00:00
config-3.8 kernel: add missing config option 2013-08-02 16:16:23 +00:00
config-3.9 kernel: add missing config option 2013-08-02 16:16:23 +00:00
config-3.10 kernel: add some missing config symbols 2013-08-05 20:58:05 +00:00
PATCHES kernel: update PATCHES with a stricter policy 2013-07-09 20:52:07 +00:00