FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-18 06:50:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8c442794b2
linux/include
History
Sudeep Dutt 3b1cc9b962 misc: mic: fix possible signed underflow (undefined behavior) in userspace API 
iovcnt is declared as a signed integer in both the userspace API and
as a local variable in mic_virtio.c. The while() loop in mic_virtio.c
iterates until the local variable iovcnt reaches the value 0. If
userspace passes e.g. INT_MIN as iovcnt field, this loop then appears
to depend on an undefined behavior (signed underflow) to complete.
The fix is to use unsigned integers in both the userspace API and
the local variable.

This issue was reported @ https://lkml.org/lkml/2014/1/10/10

Reported-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Reviewed-by: Ashutosh Dixit <ashutosh.dixit@intel.com>
Signed-off-by: Sudeep Dutt <sudeep.dutt@intel.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-02-07 15:30:34 -08:00
..
acpi
asm-generic
clocksource
crypto
drm
dt-bindings Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-01-30 17:07:18 -08:00
keys
kvm
linux Drivers: hv: vmbus: Specify the target CPU that should receive notification 2014-02-07 08:27:34 -08:00
math-emu
media
memory
misc
net
pcmcia
ras
rdma
rxrpc
scsi Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
sound
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
trace Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2014-01-31 09:31:14 -08:00
uapi misc: mic: fix possible signed underflow (undefined behavior) in userspace API 2014-02-07 15:30:34 -08:00
video
xen Bug-fixes: 2014-01-31 08:38:18 -08:00
Kbuild