linux/drivers/staging/ncpfs
Dan Carpenter 4c41aa24ba staging: ncpfs: memory corruption in ncp_read_kernel()
If the server is malicious then *bytes_read could be larger than the
size of the "target" buffer.  It would lead to memory corruption when we
do the memcpy().

Reported-by: Dr Silvio Cesare of InfoSect <Silvio Cesare <silvio.cesare@gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-19 16:31:39 +01:00
..
dir.c
file.c
getopt.c
getopt.h
inode.c
ioctl.c
Kconfig
Makefile
mmap.c
ncp_fs_i.h
ncp_fs_sb.h
ncp_fs.h
ncplib_kernel.c
ncplib_kernel.h
ncpsign_kernel.c
ncpsign_kernel.h
sock.c
symlink.c
TODO