iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0ddcf5fdfa
linux/drivers/staging/bcm
History
Kevin McKinney 221fd753dd Staging: bcm: Fix an invalid dereference to a kmalloc in IOCTL_BCM_BULK_WRM 
Variable IoBuffer.InputLength is chosen from userspace,
and can therefore be less than the intended size. In this
case,the memory from the kmalloc call is eventually cast
to a PBULKWRM_BUFFER. If the IoBuffer.InputLength does not
meet the minimum size of PBULKWRM_BUFFER, then we will get
a kernel Oops. To resolve this issue, this patch verifies
IoBuffer.InputLength meets the minimum size before invoking
the kmalloc call.

Signed-off-by: Kevin McKinney <klmckinney1@gmail.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-12-22 13:32:45 -08:00
..
Adapter.h Fix common misspellings 2011-03-31 11:26:23 -03:00
Bcmchar.c Staging: bcm: Fix an invalid dereference to a kmalloc in IOCTL_BCM_BULK_WRM 2011-12-22 13:32:45 -08:00
Bcmnet.c Staging: bcm: Bcmnet: fixed checkpatch script reported issues 2011-03-09 15:54:30 -08:00
CmHost.c Fix common misspellings 2011-03-31 11:26:23 -03:00
CmHost.h
cntrl_SignalingInterface.h Fix common misspellings 2011-03-31 11:26:23 -03:00
DDRInit.c
DDRInit.h
Debug.h staging: Fix recieve/receive typos 2011-06-28 14:54:17 -07:00
HandleControlPacket.c staging: bcm: HandleControlPacket.c: breaking of long lines 2011-12-12 16:49:26 -08:00
headers.h Staging: bcm: Fix a coding style error reported by checkpatch.pl 2011-08-23 15:20:52 -07:00
hostmibs.c Staging: bcm: hostmibs: Added temporary variable to shorten lines 2011-11-26 17:11:12 -08:00
HostMIBSInterface.h Fix common misspellings 2011-03-31 11:26:23 -03:00
InterfaceAdapter.h
InterfaceDld.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
InterfaceIdleMode.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
InterfaceIdleMode.h
InterfaceInit.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
InterfaceInit.h Staging: Beceem: add USB id for BCSM250 Mobile WiMAX 2010-12-06 16:09:43 -08:00
InterfaceIsr.c Fix common misspellings 2011-03-31 11:26:23 -03:00
InterfaceIsr.h
InterfaceMacros.h
InterfaceMisc.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
InterfaceMisc.h
InterfaceRx.c staging: Fix recieve/receive typos 2011-06-28 14:54:17 -07:00
InterfaceRx.h
InterfaceTx.c Staging: Beceem: remove old kernel compatibility code 2010-12-06 16:09:45 -08:00
InterfaceTx.h
Ioctl.h Fix common misspellings 2011-03-31 11:26:23 -03:00
IPv6Protocol.c Fix common misspellings 2011-03-31 11:26:23 -03:00
IPv6ProtocolHdr.h
Kconfig
LeakyBucket.c Fix common misspellings 2011-03-31 11:26:23 -03:00
led_control.c staging: bcm: led_control.c: breaking of long lines 2011-12-08 12:43:41 -08:00
led_control.h
Macros.h Staging: bcm: Macros: Fixed multiple coding style violations. 2011-08-23 15:21:23 -07:00
Makefile
Misc.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
nvm.c Staging: bcm: Fix information leak in ioctl: IOCTL_BCM_REGISTER_READ_PRIVATE, IOCTL_BCM_EEPROM_REGISTER_READ 2011-11-26 17:11:58 -08:00
nvm.h
PHSDefines.h
PHSModule.c staging: Fix recieve/receive typos 2011-06-28 14:54:17 -07:00
PHSModule.h staging: Fix recieve/receive typos 2011-06-28 14:54:17 -07:00
Protocol.h
Prototypes.h
Qos.c Fix common misspellings 2011-03-31 11:26:23 -03:00
Queue.h
sort.c drivers: staging: bcm: sort: kill handrolled bubblesort 2011-07-05 20:36:37 -07:00
target_params.h
TODO
Transmit.c staging: fix build failure in bcm driver 2011-01-17 17:39:39 -08:00
Typedefs.h
vendorspecificextn.c
vendorspecificextn.h
Version.h