iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/lib
History
Don Mullis f015ac3edd lib/list_sort: do not pass bad pointers to cmp callback 
If the original list is a POT in length, the first callback from line 73
will pass a==b both pointing to the original list_head.  This is dangerous
because the 'list_sort()' user can use 'container_of()' and accesses the
"containing" object, which does not necessary exist for the list head.  So
the user can access RAM which does not belong to him.  If this is a write
access, we can end up with memory corruption.

Signed-off-by: Don Mullis <don.mullis@gmail.com>
Tested-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-10-01 10:50:58 -07:00
..
lzo
lib: add support for LZO-compressed kernels
2010-01-11 09:34:04 -08:00
raid6
Move .gitignore from drivers/md to lib/raid6
2010-08-30 17:35:52 +10:00
reed_solomon
lib: Remove unnecessary inclusions of asm/semaphore.h
2008-04-18 22:17:17 -04:00
zlib_deflate
trivial: fix typo "to to" in multiple files
2009-09-21 15:14:55 +02:00
zlib_inflate
inflate_fast: sout is already a short so ptr arith was off by one.
2010-03-12 15:52:44 -08:00
.gitignore
Add some basic .gitignore files
2005-10-18 08:26:15 -07:00
argv_split.c
tree-wide: convert open calls to remove spaces to skip_spaces() lib function
2009-12-15 08:53:32 -08:00
atomic64_test.c
ARM: 6213/1: atomic64_test: add ARM as supported architecture
2010-07-27 10:43:46 +01:00
atomic64.c
lib: Fix atomic64_add_unless return value convention
2010-03-01 11:38:46 -08:00
audit.c
[PATCH] audit signal recipients
2007-05-11 05:38:25 -04:00
bcd.c
rtc: BCD codeshrink
2008-07-24 10:47:33 -07:00
bitmap.c
Revert "cpusets: randomize node rotor used in cpuset_mem_spread_node()"
2010-05-30 09:00:03 -07:00
bitrev.c
lib: export bitrev16
2008-06-06 11:29:10 -07:00
btree.c
lib/btree: fix possible NULL pointer dereference
2010-05-15 12:48:10 -07:00
bug.c
lib/bug.c: add oops end marker to WARN implementation
2010-08-11 08:59:22 -07:00
bust_spinlocks.c
oops handling: ensure that any oops is flushed to the mtdoops console
2009-01-06 15:59:11 -08:00
check_signature.c
uninline check_signature()
2007-07-16 09:05:50 -07:00
checksum.c
lib/checksum: fix one more thinko
2009-11-03 16:06:53 +01:00
cmdline.c
generic, memparse(): constify argument
2008-07-28 15:05:23 +02:00
cpu-notifier-error-inject.c
fault-injection: add CPU notifier error injection module
2010-05-27 09:12:48 -07:00
cpumask.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
crc7.c
CRC7 support
2007-07-17 10:23:04 -07:00
crc16.c
[PATCH] kernel-doc for lib/crc*.c
2006-06-25 10:01:20 -07:00
crc32.c
revert "crc32: use __BYTE_ORDER macro for endian detection"
2010-05-26 08:19:23 -07:00
crc32defs.h
crc-ccitt.c
[PATCH] kernel-doc for lib/crc*.c
2006-06-25 10:01:20 -07:00
crc-itu-t.c
CRC ITU-T V.41
2007-05-10 18:24:13 +02:00
crc-t10dif.c
[SCSI] lib: Add support for the T10 (SCSI) Data Integrity Field CRC
2008-07-12 08:22:32 -05:00
ctype.c
ctype: constify read-only _ctype string
2009-12-15 08:53:32 -08:00
debug_locks.c
rcu: Introduce lockdep-based checking to RCU read-side primitives
2010-02-25 09:40:59 +01:00
debugobjects.c
Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
2010-05-18 08:17:58 -07:00
dec_and_lock.c
atomic: only take lock when the counter drops to zero on UP as well
2009-06-16 19:47:47 -07:00
decompress_bunzip2.c
lib/decompress_bunzip2.c: fix checkstack warning
2010-08-11 08:59:23 -07:00
decompress_inflate.c
lzma/gzip: fix potential oops when input data is truncated
2009-09-24 07:21:05 -07:00
decompress_unlzma.c
lzma/gzip: fix potential oops when input data is truncated
2009-09-24 07:21:05 -07:00
decompress_unlzo.c
lib: fix the use of LZO to decompress initramfs images
2010-04-24 11:31:25 -07:00
decompress.c
Add LZO compression support for initramfs and old-style initrd
2010-01-11 09:34:05 -08:00
devres.c
lib/devres.c: fix comment typo
2010-07-11 22:16:32 +02:00
div64.c
add an inlined version of iter_div_u64_rem
2008-06-12 10:47:58 +02:00
dma-debug.c
dma-debug: Cleanup for copy-loop in filter_write()
2010-04-07 14:36:27 +02:00
dump_stack.c
dynamic_debug.c
module: initialize module dynamic debug later
2010-07-04 20:17:22 -07:00
extable.c
module: trim exception table on init free.
2009-06-12 21:47:04 +09:30
fault-inject.c
headers: remove sched.h from interrupt.h
2009-10-11 11:20:58 -07:00
find_last_bit.c
bitmap: find_last_bit()
2009-01-01 10:12:19 +10:30
find_next_bit.c
bitops: remove "optimizations"
2008-04-29 08:11:16 -07:00
flex_array.c
flex_array: add helpers to get and put to make pointers easy to use
2010-08-09 20:45:09 -07:00
gcd.c
lib: add lib/gcd.c
2009-06-18 13:04:05 -07:00
gen_crc32table.c
crc32: major optimization
2010-05-25 08:07:06 -07:00
genalloc.c
genalloc: fix allocation from end of pool
2010-06-29 15:29:30 -07:00
halfmd4.c
hexdump.c
lib: introduce common method to convert hex digits
2010-05-25 08:07:05 -07:00
hweight.c
x86: Add optimized popcnt variants
2010-04-06 15:52:11 -07:00
idr.c
idr: fix RCU lockdep splat in idr_get_next()
2010-06-23 06:50:45 -07:00
inflate.c
MN10300: Don't try and #include <linux/slab.h> in lib/inflate.c from bootloader
2010-08-12 09:51:35 -07:00
int_sqrt.c
[PATCH] lib: Fix bug in int_sqrt() for 64 bit longs
2006-02-03 08:32:08 -08:00
iomap_copy.c
[PATCH] add __iowrite64_copy
2006-06-20 20:24:58 -07:00
iomap.c
Use WARN() in lib/
2008-07-26 12:00:07 -07:00
iommu-helper.c
iommu: inline iommu_num_pages
2010-08-09 20:45:05 -07:00
ioremap.c
x86, ioremap: Fix incorrect physical address handling in PAE mode
2010-07-09 11:42:03 -07:00
irq_regs.c
[PATCH] irq_reqs: export __irq_regs
2006-10-06 08:53:40 -07:00
is_single_threaded.c
kernel: is_current_single_threaded: don't use ->mmap_sem
2009-07-17 09:11:31 +10:00
kasprintf.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
Kconfig
Merge branch 'async' of macbook:git/btrfs-unstable
2010-08-09 10:36:44 +01:00
Kconfig.debug
latencytop: Fix kconfig dependency warnings
2010-08-17 09:09:03 +02:00
Kconfig.kgdb
mips,kgdb: kdb low level trap catch and stack trace
2010-05-20 21:04:26 -05:00
Kconfig.kmemcheck
kmemcheck: depend on HAVE_ARCH_KMEMCHECK
2009-07-01 22:28:44 +02:00
kernel_lock.c
bkl: Fixup core_lock fallout
2009-12-14 23:55:33 +01:00
klist.c
driver core: Remove completion from struct klist_node
2009-01-06 10:44:30 -08:00
kobject_uevent.c
kobject_uevent: fix typo in comments
2010-08-23 18:12:46 -07:00
kobject.c
sysfs: Comment sysfs directory tagging logic
2010-05-21 09:37:31 -07:00
kref.c
kref: remove kref_set
2010-05-21 09:37:29 -07:00
lcm.c
block: Fix overrun in lcm() and move it to lib
2010-03-15 12:47:59 +01:00
libcrc32c.c
libcrc32c: Fix "crc32c undefined" compilation error
2008-12-25 11:01:42 +11:00
list_debug.c
list debugging: warn when deleting a deleted entry
2010-08-09 20:45:08 -07:00
list_sort.c
lib/list_sort: do not pass bad pointers to cmp callback
2010-10-01 10:50:58 -07:00
locking-selftest-hardirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-mutex.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-rlock-hardirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-rlock-softirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-rlock.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-rsem.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-softirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-spin-hardirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-spin-softirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-spin.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-wlock-hardirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-wlock-softirq.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-wlock.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest-wsem.h
[PATCH] lockdep: locking API self tests
2006-07-03 15:27:03 -07:00
locking-selftest.c
locking: rename trace_softirq_[enter|exit] => lockdep_softirq_[enter|exit]
2009-03-13 01:32:36 +01:00
lru_cache.c
The DRBD driver
2009-10-01 21:17:49 +02:00
Makefile
Merge branch 'async' of macbook:git/btrfs-unstable
2010-08-09 10:36:44 +01:00
nlattr.c
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6
2009-03-26 22:45:23 -07:00
parser.c
parser: remove unnecessary strlen()
2009-12-15 08:53:33 -08:00
percpu_counter.c
tmpfs: add accurate compare function to percpu_counter library
2010-08-09 20:44:58 -07:00
plist.c
plist: Make plist debugging raw_spinlock aware
2009-12-14 23:55:33 +01:00
prio_heap.c
lib: fix sparse shadowed variable warning
2009-01-06 15:59:11 -08:00
prio_tree.c
proportions.c
Merge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
2009-01-06 17:10:04 -08:00
radix-tree.c
Merge branch 'radix-tree' of git://git.kernel.org/pub/scm/linux/kernel/git/dgc/xfsdev
2010-08-22 19:55:14 -07:00
random32.c
Merge branch 'master' into for-next
2010-06-16 18:08:13 +02:00
ratelimit.c
ratelimit: fix the return value when __ratelimit() fails to acquire the lock
2010-04-07 08:38:04 -07:00
rational.c
lib/rational.c needs module.h
2010-01-11 09:34:05 -08:00
rbtree.c
rbtree: Undo augmented trees performance damage and regression
2010-07-05 14:43:50 +02:00
reciprocal_div.c
[PATCH] SLAB: use a multiply instead of a divide in obj_to_index()
2006-12-13 09:05:49 -08:00
rwsem-spinlock.c
rwsem generic spinlock: use IRQ save/restore spinlocks
2010-04-07 16:15:05 -07:00
rwsem.c
rwsem: smaller wrappers around rwsem_down_failed_common
2010-08-09 20:45:11 -07:00
scatterlist.c
scatterlist: prevent invalid free when alloc fails
2010-08-30 19:55:09 +02:00
sha1.c
[PATCH] Numerous fixes to kernel-doc info in source files.
2007-02-11 10:51:32 -08:00
show_mem.c
mm: use the same log level for show_mem()
2010-03-06 11:26:27 -08:00
smp_processor_id.c
cpumask: convert lib/smp_processor_id to new cpumask ops
2009-01-30 15:47:34 +01:00
sort.c
generic swap(): lib/sort.c: rename swap to swap_func
2009-01-08 08:31:14 -08:00
spinlock_debug.c
locking: Further name space cleanups
2009-12-14 23:55:33 +01:00
string_helpers.c
[SCSI] lib: string_get_size(): don't hang on zero; no decimals on exact
2008-10-23 11:42:20 -05:00
string.c
lib/string.c: simplify strnstr()
2010-03-06 11:26:35 -08:00
swiotlb.c
swiotlb: Make swiotlb bookkeeping functions visible in the header file.
2010-06-07 11:59:27 -04:00
syscall.c
task_current_syscall
2008-07-26 12:00:10 -07:00
textsearch.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
ts_bm.c
textsearch: ts_bm: support case insensitive searching in Boyer-Moore algorithm
2008-07-08 02:37:54 -07:00
ts_fsm.c
textsearch: ts_fsm: return error on request for case insensitive search
2008-07-08 02:38:27 -07:00
ts_kmp.c
textsearch: ts_kmp: support case insensitive searching in Knuth-Morris-Pratt algorithm
2008-07-08 02:38:09 -07:00
uuid.c
Unified UUID/GUID definition
2010-05-19 22:40:47 -04:00
vsprintf.c
lib: vsprintf: useless strlen() removed
2010-08-09 20:45:09 -07:00