github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 07:03:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
22aadb91c0
linux/drivers
History
frank zago 22aadb91c0 staging: lustre: hsm: stack overrun in hai_dump_data_field 
The function hai_dump_data_field will do a stack buffer
overrun when cat'ing /sys/fs/lustre/.../hsm/actions if an action has
some data in it.

hai_dump_data_field uses snprintf. But there is no check for
truncation, and the value returned by snprintf is used as-is.  The
coordinator code calls hai_dump_data_field with 12 bytes in the
buffer. The 6th byte of data is printed incompletely to make room for
the terminating NUL. However snprintf still returns 2, so when
hai_dump_data_field writes the final NUL, it does it outside the
reserved buffer, in the 13th byte of the buffer. This stack buffer
overrun hangs my VM.

Fix by checking that there is enough room for the next 2 characters
plus the NUL terminator. Don't print half bytes. Change the format to
02X instead of .2X, which makes more sense.

Signed-off-by: frank zago <fzago@cray.com>
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-8171
Reviewed-on: http://review.whamcloud.com/20338
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: Jean-Baptiste Riaux <riaux.jb@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-02-03 13:01:37 +01:00
..
accessibility
acpi Merge branches 'acpi-scan', 'acpi-sysfs', 'acpi-wdat' and 'acpi-tables' 2017-01-06 14:36:30 +01:00
amba
android
ata Merge branch 'for-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2016-12-13 15:30:50 -08:00
atm Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
auxdisplay
base PM / domains: Fix 'may be used uninitialized' build warning 2016-12-31 21:52:07 +01:00
bcma
block ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
bluetooth Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-12-16 10:24:44 -08:00
bus cpu/hotplug: Cleanup state names 2016-12-25 10:47:44 +01:00
cdrom Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
char clocksource: Use a plain u64 instead of cycle_t 2016-12-25 11:04:12 +01:00
clk One fix for a broken driver on Renesas RZ/A1 SoCs with bootloaders that don't 2017-01-06 15:35:27 -08:00
clocksource Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-25 14:30:04 -08:00
connector
cpufreq Merge branch 'pm-cpufreq' 2017-01-06 14:34:52 +01:00
cpuidle Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-12-27 17:51:36 -08:00
dax libnvdimm for 4.10 2016-12-18 15:49:10 -08:00
dca
devfreq PM / devfreq: exynos-bus: Fix the wrong return value 2017-01-03 00:21:45 +01:00
dio Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
dma ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
dma-buf
edac Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
eisa
extcon sound updates for 4.10-rc1 2016-12-14 11:14:28 -08:00
firewire
firmware PSCI fixes for v4.10 2017-01-04 16:38:39 +01:00
fmc
fpga
gpio - New Device Support 2016-12-19 08:16:26 -08:00
gpu VFIO fixes for v4.10-rc3 2017-01-06 11:19:03 -08:00
hid HID: sensor-hub: Move the memset to sensor_hub_get_feature() 2017-01-02 14:01:30 +01:00
hsi
hv clocksource: Use a plain u64 instead of cycle_t 2016-12-25 11:04:12 +01:00
hwmon hwmon: (lm90) fix temp1_max_alarm attribute 2017-01-02 10:15:28 -08:00
hwspinlock
hwtracing coresight/etm3/4x: Consolidate hotplug state space 2016-12-25 10:47:44 +01:00
i2c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
ide Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
idle Power management material for v4.10-rc1 2016-12-13 10:41:53 -08:00
iio iio: stx104: Add GPIO set_multiple callback function support 2017-02-01 18:50:54 +00:00
infiniband net/mlx4_core: Fix raw qp flow steering rules under SRIOV 2016-12-29 14:17:40 -05:00
input ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
iommu IOMMU Fixes for Linux v4.10-rc2 2017-01-06 10:49:36 -08:00
ipack
irqchip Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-25 14:30:04 -08:00
isdn Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
leds cpu/hotplug: Cleanup state names 2016-12-25 10:47:44 +01:00
lguest Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
lightnvm Char/Misc driver patches for 4.10-rc1 2016-12-13 12:11:01 -08:00
macintosh Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mailbox ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
mcb
md Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
media ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
memory
memstick Merge branch 'for-4.10/block' of git://git.kernel.dk/linux-block 2016-12-13 10:19:16 -08:00
message Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mfd mfd: Add STM32 Timers driver 2017-01-23 12:03:57 +00:00
misc mei: move write cb to completion on credentials failures 2017-01-04 18:22:44 +01:00
mmc Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mtd Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
net sh_eth: enable RX descriptor word 0 shift on SH7734 2017-01-04 16:12:14 -05:00
nfc
ntb ntb_transport: Remove unnecessary call to ntb_peer_spad_read 2016-12-23 16:11:07 -05:00
nubus Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
nvdimm libnvdimm for 4.10 2016-12-18 15:49:10 -08:00
nvme Merge branch 'nvme-4.10' of git://git.infradead.org/nvme into for-linus 2016-12-22 11:54:46 -07:00
nvmem nvmem: fix nvmem_cell_read() return type doc 2017-01-04 18:22:47 +01:00
of pci-v4.10-changes 2016-12-15 12:46:48 -08:00
oprofile Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
parisc Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
parport Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
pci ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
pcmcia drivers/pcmcia/m32r_pcc.c: check return from add_pcc_socket 2016-12-12 18:55:06 -08:00
perf cpu/hotplug: Cleanup state names 2016-12-25 10:47:44 +01:00
phy SCSI misc on 20161213 2016-12-14 10:49:33 -08:00
pinctrl pinctrl: samsung: Fix the width of PINCFG_TYPE_DRV bitfields for Exynos5433 2016-12-30 14:27:42 +01:00
platform iio: cros_ec: Add cros_ec barometer driver 2017-01-28 15:07:46 +00:00
pnp Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
power ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
powercap
pps
ps3
ptp Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-12 19:56:15 -08:00
pwm pwm: Add driver for STM32 plaftorm 2017-01-25 16:11:55 +00:00
rapidio
ras
regulator - New Device Support 2016-12-19 08:16:26 -08:00
remoteproc remoteproc: qcom_adsp_pil: select qcom_scm 2016-12-09 16:16:56 -08:00
reset ARM: SoC driver updates for v4.10 2016-12-15 16:03:25 -08:00
rpmsg rpmsg updates for v4.10 2016-12-13 08:52:45 -08:00
rtc ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
s390 ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
sbus Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
scsi Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-25 14:30:04 -08:00
sfi
sh lib: radix-tree: check accounting of existing slot replacement users 2016-12-12 18:55:08 -08:00
sn
soc powerpc updates for 4.10 2016-12-16 09:26:42 -08:00
spi dmaengine updates for 4.10-rc1 2016-12-14 20:42:45 -08:00
spmi
ssb
staging staging: lustre: hsm: stack overrun in hai_dump_data_field 2017-02-03 13:01:37 +01:00
target Merge branch 'scsi-target-for-v4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/bvanassche/linux 2016-12-21 10:16:05 -08:00
tc
thermal Power management material for v4.10-rc1 2016-12-13 10:41:53 -08:00
thunderbolt Char/Misc driver patches for 4.10-rc1 2016-12-13 12:11:01 -08:00
tty Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
uio uio-hv-generic: store physical addresses instead of virtual 2016-12-10 14:57:58 +01:00
usb USB: fix problems with duplicate endpoint addresses 2017-01-05 19:38:40 +01:00
uwb
vfio vfio-pci: Handle error from pci_iomap 2017-01-04 08:34:39 -07:00
vhost Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-12-16 10:24:44 -08:00
video video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap 2017-01-04 12:58:45 +01:00
virt
virtio virtio_mmio: Set dev.release() to avoid warning 2016-12-16 00:13:39 +02:00
vlynq
vme
w1
watchdog Watchdog updates for v4.10 2016-12-24 11:27:45 -08:00
xen Merge branch 'stable/for-linus-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb 2017-01-06 10:53:21 -08:00
zorro Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
Kconfig
Makefile