linux/drivers/acpi
Vasiliy Kulikov 2949ad5071 ACPI / debugfs: Fix buffer overflows, double free
File position is not controlled, it may lead to overwrites of arbitrary
kernel memory.  Also the code may kfree() the same pointer multiple
times.

One more flaw is still present: if multiple processes open the file then
all 3 static variables are shared, leading to various race conditions.
They should be moved to file->private_data.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com>
Reviewed-by: Eugene Teo <eugeneteo@kernel.org>
Cc: stable@kernel.org
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2011-02-24 19:59:06 +01:00
..
acpica ACPI / ACPICA: Avoid crashing if _PRW is defined for the root object 2011-02-12 01:39:15 +01:00
apei ACPI: Fix boot problem related to APEI with acpi_disabled set 2011-01-16 11:56:26 -08:00
ac.c Merge branch 'procfs-cleanup' into release 2011-01-12 05:00:07 -05:00
acpi_ipmi.c IPMI/ACPI: Add the IPMI opregion driver to enable ACPI to access BMC controller 2010-12-14 00:22:14 -05:00
acpi_memhotplug.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
acpi_pad.c Merge branch 'x86-idle-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2010-10-21 13:45:38 -07:00
atomicio.c ACPI, APEI, Fix acpi_pre_map() return value 2010-09-29 14:02:16 -04:00
battery.c ACPI / Battery: remove battery refresh on resume 2011-01-20 13:14:10 -08:00
blacklist.c Merge branch 'msi-dmi' into release 2010-10-08 22:37:46 -04:00
bus.c ACPI / PM: Drop acpi_power_nocheck 2011-01-12 04:48:45 -05:00
button.c ACPI / PM: Report wakeup events from buttons 2011-01-07 01:18:16 -05:00
cm_sbs.c ACPI: Move definition of PREFIX from acpi_bus.h to internal..h 2009-08-28 19:57:27 -04:00
container.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
debugfs.c ACPI / debugfs: Fix buffer overflows, double free 2011-02-24 19:59:06 +01:00
dock.c ACPICA: Rename some function and variable names 2011-01-12 04:24:40 -05:00
ec_sys.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
ec.c ACPICA: Implicit notify support 2011-01-12 04:27:00 -05:00
event.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
fan.c ACPI / Fan: Rework the handling of power resources 2011-01-12 04:48:45 -05:00
glue.c ACPI / PM: Drop special ACPI wakeup flags 2011-01-07 01:18:00 -05:00
hed.c ACPI Hardware Error Device (PNP0C33) support 2010-05-19 22:40:24 -04:00
internal.h Merge branch 'suspend-ioremap-cache' into release 2011-01-12 16:11:46 -05:00
Kconfig kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
Makefile Merge branch 'ipmi' into release 2011-01-12 05:03:13 -05:00
numa.c x86, ia64, acpi: Clean up x86-ism in drivers/acpi/numa.c 2011-01-12 12:15:09 +01:00
nvs.c ACPI: Introduce acpi_os_ioremap() 2011-01-20 18:30:17 -08:00
osl.c ACPI: Fix acpi_os_read_memory() and acpi_os_write_memory() (v2) 2011-02-08 23:37:16 +01:00
pci_bind.c PCI / ACPI / PM: Platform support for PCI PME wake-up 2010-02-22 16:21:02 -08:00
pci_irq.c ACPI: remove unused declaration of proc_fs.h 2010-10-15 22:03:36 -04:00
pci_link.c ACPI: remove unused declaration of proc_fs.h 2010-10-15 22:03:36 -04:00
pci_root.c ACPI: Fix boot problem related to APEI with acpi_disabled set 2011-01-16 11:56:26 -08:00
pci_slot.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
power_meter.c power_meter: acpi_device_class "power_meter_resource" too long 2010-05-06 02:38:24 -04:00
power.c ACPI / PM: Check status of power resources under mutexes 2011-01-12 05:05:39 -05:00
proc.c ACPI / PM: Use device wakeup flags for handling ACPI wakeup devices 2011-01-07 01:17:41 -05:00
processor_core.c ACPI, intel_idle: Cleanup idle= internal variables 2011-01-12 12:47:30 -05:00
processor_driver.c Merge branch 'throttling' into release 2011-01-12 05:01:08 -05:00
processor_idle.c Merge branch 'linus' into idle-test 2011-01-12 18:06:06 -05:00
processor_perflib.c ACPI: Fix typos 2010-09-28 21:38:19 -04:00
processor_thermal.c ACPI thermal: remove two unused functions 2010-12-11 02:01:47 -05:00
processor_throttling.c Merge branch 'throttling' into release 2011-01-12 05:01:08 -05:00
reboot.c
sbs.c ACPI: delete CONFIG_ACPI_PROCFS_POWER and power procfs I/F in 2.6.39 2011-01-12 00:36:17 -05:00
sbshc.c sbshc: acpi_device_class "smbus_host_controller" too long 2010-05-06 02:38:25 -04:00
sbshc.h
scan.c ACPI: Drop device flag wake_capable 2011-01-12 05:06:01 -05:00
sleep.c ACPI / PM: Call suspend_nvs_free() earlier during resume 2011-01-20 18:30:17 -08:00
sleep.h ACPI: static sleep_states[] and acpi_gts_bfs_check 2010-10-19 13:44:37 -04:00
sysfs.c ACPICA: Global event handler 2011-01-12 04:27:00 -05:00
tables.c ACPI: delete the "acpi=ht" boot option 2010-03-14 20:58:38 -04:00
thermal.c ACPI / Fan: Rework the handling of power resources 2011-01-12 04:48:45 -05:00
utils.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
video_detect.c ACPI / Video: Probe for output switch method when searching video devices. 2011-02-12 01:40:16 +01:00
video.c Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6 2011-01-13 20:15:35 -08:00
wakeup.c ACPI / Wakeup: Enable button GPEs unconditionally during initialization 2011-02-12 01:39:53 +01:00