WSL2-Linux-Kernel/drivers
Tony Battersby 0f52d7b782 scsi: core: Fix legacy /proc parsing buffer overflow
commit 9426d3cef5 upstream.

(lightly modified commit message mostly by Linus Torvalds)

The parsing code for /proc/scsi/scsi is disgusting and broken.  We should
have just used 'sscanf()' or something simple like that, but the logic may
actually predate our kernel sscanf library routine for all I know.  It
certainly predates both git and BK histories.

And we can't change it to be something sane like that now, because the
string matching at the start is done case-insensitively, and the separator
parsing between numbers isn't done at all, so *any* separator will work,
including a possible terminating NUL character.

This interface is root-only, and entirely for legacy use, so there is
absolutely no point in trying to tighten up the parsing.  Because any
separator has traditionally worked, it's entirely possible that people have
used random characters rather than the suggested space.

So don't bother to try to pretty it up, and let's just make a minimal patch
that can be back-ported and we can forget about this whole sorry thing for
another two decades.

Just make it at least not read past the end of the supplied data.

Link: https://lore.kernel.org/linux-scsi/b570f5fe-cb7c-863a-6ed9-f6774c219b88@cybernetics.com/
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin K Petersen <martin.petersen@oracle.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: stable@kernel.org
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Martin K Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-08-16 18:22:03 +02:00
accessibility tty: fix possible null-ptr-defer in spk_ttyio_release 2023-01-24 07:22:46 +01:00
acpi ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily 2023-08-03 10:22:46 +02:00
amba
android binder: fix memory leak in binder_init() 2023-08-16 18:21:59 +02:00
ata ata: pata_ns87415: mark ns87560_tf_read static 2023-08-03 10:22:39 +02:00
atm atm: idt77252: fix kmemleak when rmmod idt77252 2023-03-30 12:47:48 +02:00
auxdisplay auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() 2023-03-11 13:57:22 +01:00
base PM: sleep: wakeirq: fix wake irq arming 2023-08-11 15:14:00 +02:00
bcma
block rbd: prevent busy loop when requesting exclusive lock 2023-08-11 15:13:57 +02:00
bluetooth Bluetooth: hci_qca: fix debugfs registration 2023-06-14 11:13:06 +02:00
bus bus: ixp4xx: fix IXP4XX_EXP_T1_MASK 2023-07-23 13:47:54 +02:00
cdrom
char tpm_tis: Explicitly check for error code 2023-08-03 10:22:44 +02:00
clk clk: qcom: ipq6018: fix networking resets 2023-07-23 13:47:22 +02:00
clocksource clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe 2023-07-23 13:46:45 +02:00
comedi comedi: adv_pci1760: Fix PWM instruction handling 2023-01-24 07:22:45 +01:00
connector
counter counter: 104-quad-8: Fix race condition between FLAG and CNTR reads 2023-04-26 13:51:55 +02:00
cpufreq cpufreq: intel_pstate: Drop ACPI _PSS states table patching 2023-08-03 10:22:47 +02:00
cpuidle cpuidle: psci: Iterate backwards over list in psci_pd_remove() 2023-03-22 13:31:36 +01:00
crypto crypto: qat - unmap buffers before free for RSA 2023-07-23 13:47:16 +02:00
cxl
dax dax/kmem: Pass valid argument to memory_group_register_static 2023-07-23 13:47:17 +02:00
dca
devfreq PM/devfreq: governor: Add a private governor_data for governor 2023-01-12 11:58:51 +01:00
dio
dma dmaengine: mcf-edma: Fix a potential un-allocated memory access 2023-08-16 18:22:02 +02:00
dma-buf
edac EDAC/skx: Fix overflows on the DRAM row address mapping arrays 2023-05-11 23:00:20 +09:00
eisa
extcon extcon: usbc-tusb320: Convert to i2c's .probe_new() 2023-07-23 13:47:31 +02:00
firewire firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region 2023-02-09 11:26:32 +01:00
firmware firmware: arm_scmi: Drop OF node reference in the transport channel setup 2023-08-11 15:13:56 +02:00
fpga fpga: bridge: fix kernel-doc parameter description 2023-05-11 23:00:31 +09:00
fsi WRITE is "data source", not destination... 2023-02-09 11:26:34 +01:00
gnss
gpio gpio: mvebu: fix irq domain leak 2023-08-03 10:22:26 +02:00
gpu drm/rockchip: Don't spam logs in atomic check 2023-08-16 18:22:01 +02:00
greybus
hid HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651. 2023-07-05 18:25:05 +01:00
hsi HSI: omap_ssi_core: Fix error handling in ssi_init() 2022-12-31 13:14:32 +01:00
hv Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 2023-06-28 10:29:42 +02:00
hwmon hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100 2023-08-16 18:21:58 +02:00
hwspinlock
hwtracing coresight: Fix loss of connection info when a module is unloaded 2023-07-23 13:47:23 +02:00
i2c i2c: nomadik: Remove a useless call in the remove function 2023-08-03 10:22:27 +02:00
i3c
idle
iio iio: adc: ina2xx: avoid NULL pointer dereference on OF device match 2023-08-16 18:21:59 +02:00
infiniband RDMA/umem: Set iova in ODP flow 2023-08-16 18:22:01 +02:00
input Input: adxl34x - do not hardcode interrupt trigger type 2023-07-23 13:46:59 +02:00
interconnect interconnect: qcom: osm-l3: fix icc_onecell_data allocation 2023-03-30 12:47:41 +02:00
iommu iommu/arm-smmu-v3: Document nesting-related errata 2023-08-11 15:13:49 +02:00
ipack
irqchip irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation 2023-08-03 10:22:45 +02:00
isdn mISDN: Update parameter type of dsp_cmx_send() 2023-08-16 18:22:01 +02:00
leds leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename 2023-07-23 13:47:36 +02:00
macintosh macintosh: via-pmu-led: requires ATA to be set 2023-05-11 23:00:34 +09:00
mailbox mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 2023-07-23 13:47:28 +02:00
mcb mcb-pci: Reallocate memory region to avoid memory overlapping 2023-05-24 17:36:47 +01:00
md dm cache policy smq: ensure IO doesn't prevent cleaner policy progress 2023-08-03 10:22:46 +02:00
media media: cec: i2c: ch7322: also select REGMAP 2023-07-23 13:47:27 +02:00
memory memory: brcmstb_dpfe: fix testing array offset after use 2023-07-23 13:47:03 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-07-23 13:46:52 +02:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-24 17:36:45 +01:00
mfd mfd: pm8008: Fix module autoloading 2023-07-23 13:47:51 +02:00
misc misc: rtsx: judge ASPM Mode to set PETXCFG Reg 2023-08-16 18:21:59 +02:00
mmc mmc: moxart: read scr register without changing byte order 2023-08-16 18:21:57 +02:00
most
mtd mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 2023-08-11 15:13:59 +02:00
mux
net ibmvnic: Handle DMA unmapping of login buffs in release functions 2023-08-16 18:22:02 +02:00
nfc nfcsim.c: Fix error checking for debugfs_create_dir 2023-06-28 10:29:51 +02:00
ntb NTB: ntb_tool: Add check for devm_kcalloc 2023-07-23 13:47:42 +02:00
nubus nubus: Partially revert proc_create_single_data() conversion 2023-07-05 18:25:05 +01:00
nvdimm
nvme nvme-rdma: fix potential unbalanced freeze & unfreeze 2023-08-16 18:22:03 +02:00
nvmem nvmem: rmem: Use NVMEM_DEVID_AUTO 2023-07-23 13:47:25 +02:00
of of: overlay: add entry to of_overlay_action_name[] 2023-06-21 15:59:19 +02:00
opp opp: Fix use-after-free in lazy_opp_tables after probe deferral 2023-07-23 13:47:54 +02:00
parisc parisc: Replace regular spinlock with spin_trylock on panic path 2023-05-24 17:36:48 +01:00
parport
pci PCI: rockchip: Don't advertise MSI-X in PCIe capabilities 2023-08-03 10:22:28 +02:00
pcmcia
perf perf/arm-cmn: Fix DTC reset 2023-07-23 13:46:46 +02:00
phy phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() 2023-08-03 10:22:34 +02:00
pinctrl pinctrl: amd: Use amd_pinconf_set() for all config options 2023-07-27 08:46:59 +02:00
platform platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 2023-08-03 10:22:35 +02:00
pnp
power power: supply: Fix logic checking if system is running from battery 2023-06-21 15:59:13 +02:00
powercap powercap: RAPL: Fix CONFIG_IOSF_MBI dependency 2023-07-23 13:46:46 +02:00
pps
ps3
ptp ptp_qoriq: fix memory leak in probe() 2023-04-05 11:24:55 +02:00
pwm pwm: meson: fix handling of period/duty if greater than UINT_MAX 2023-08-03 10:22:30 +02:00
rapidio
ras
regulator regulator: core: Streamline debugfs operations 2023-07-23 13:46:50 +02:00
remoteproc remoteproc: stm32_rproc: Add mutex protection for workqueue 2023-05-24 17:36:44 +01:00
reset reset: uniphier-glue: Fix possible null-ptr-deref 2023-02-01 08:27:04 +01:00
rpmsg rpmsg: glink: Avoid infinite loop on intent for missing channel 2023-03-10 09:39:46 +01:00
rtc rtc: st-lpc: Release some resources in st_rtc_probe() in case of error 2023-07-23 13:47:27 +02:00
s390 scsi: zfcp: Defer fc_rport blocking until after ADISC response 2023-08-11 15:13:55 +02:00
sbus
scsi scsi: core: Fix legacy /proc parsing buffer overflow 2023-08-16 18:22:03 +02:00
sh genirq: Add and use an irq_data_update_affinity helper 2023-03-11 13:57:31 +01:00
siox
slimbus
soc drivers: meson: secure-pwrc: always enable DMA domain 2023-07-23 13:47:09 +02:00
soundwire soundwire: fix enumeration completion 2023-08-11 15:14:00 +02:00
spi spi: bcm63xx: fix max prepend length 2023-07-27 08:46:58 +02:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-05-11 23:00:34 +09:00
ssb
staging staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() 2023-08-03 10:22:43 +02:00
target scsi: target: iscsi: Prevent login threads from racing between each other 2023-06-28 10:29:50 +02:00
tc
tee tee: amdtee: Add return_origin to 'struct tee_cmd_load_ta' 2023-06-14 11:13:06 +02:00
thermal thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe() 2023-07-23 13:46:46 +02:00
thunderbolt thunderbolt: Mask ring interrupt on Intel hardware as well 2023-06-21 15:59:15 +02:00
tty tty: n_gsm: fix UAF in gsm_cleanup_mux 2023-08-03 10:22:43 +02:00
uio
usb usb: typec: tcpm: Fix response to vsafe0V event 2023-08-16 18:21:59 +02:00
vdpa vduse: avoid empty string for dev name 2023-06-14 11:13:09 +02:00
vfio vfio/type1: restore locked_vm 2023-03-10 09:40:13 +01:00
vhost vhost_net: revert upend_idx only on retriable error 2023-06-28 10:29:53 +02:00
video fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe 2023-07-27 08:47:02 +02:00
virt
virtio virtio_ring: don't update event idx on get_buf 2023-05-11 23:00:34 +09:00
visorbus
vlynq
vme
w1 w1: fix loop in w1_fini() 2023-07-23 13:47:20 +02:00
watchdog watchdog: menz069_wdt: fix watchdog initialisation 2023-06-09 10:32:19 +02:00
xen xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() 2023-05-30 13:55:32 +01:00
zorro
Kconfig
Makefile