linux/fs
Jan Kara 57b9655d01 udf: Improve table length check to avoid possible overflow
When a partition table length is corrupted to be close to 1 << 32, the
check for its length may overflow on 32-bit systems and we will think
the length is valid. Later on the kernel can crash trying to read beyond
end of buffer. Fix the check to avoid possible overflow.

CC: stable@vger.kernel.org
Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Jan Kara <jack@suse.cz>
2012-07-10 18:02:17 +02:00
..
9p kill v9fs_dentry_from_dir_inode() 2012-05-29 23:28:34 -04:00
adfs switch open-coded instances of d_make_root() to new helper 2012-03-20 21:29:35 -04:00
affs affs: bury unused macros 2012-05-29 23:28:34 -04:00
afs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
autofs4 avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
befs switch open-coded instances of d_make_root() to new helper 2012-03-20 21:29:35 -04:00
bfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
btrfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs 2012-07-05 13:06:25 -07:00
cachefiles switch touch_atime to struct path 2012-03-20 21:29:41 -04:00
ceph ceph: check PG_Private flag before accessing page->private 2012-06-20 07:43:48 -05:00
cifs cifs: when server doesn't set CAP_LARGE_READ_X, cap default rsize at MaxBufferSize 2012-07-03 12:54:42 -05:00
coda vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
configfs make configfs_pin_fs() return root dentry on success 2012-03-20 21:29:48 -04:00
cramfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-03-21 13:36:41 -07:00
debugfs debugfs: Add support to print u32 array in debugfs 2012-04-17 00:18:36 -04:00
devpts userns: Convert devpts to use kuid/kgid where appropriate 2012-05-15 14:59:26 -07:00
dlm dlm: NULL dereference on failure in kmem_cache_create() 2012-05-15 10:39:28 -05:00
ecryptfs eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files 2012-07-06 15:51:12 -05:00
efs switch open-coded instances of d_make_root() to new helper 2012-03-20 21:29:35 -04:00
exofs exofs: fix sparse non-ANSI function warning 2012-06-12 06:33:22 +03:00
exportfs ->encode_fh() API change 2012-05-29 23:28:33 -04:00
ext2 ext2: cleanup the confused goto label 2012-07-09 12:03:12 +02:00
ext3 ext3: Check return value of blkdev_issue_flush() 2012-07-09 23:40:46 +02:00
ext4 ext4: don't set i_flags in EXT4_IOC_SETFLAGS 2012-06-07 19:04:19 -04:00
fat Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
freevxfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
fscache
fuse Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse 2012-06-05 10:11:11 -07:00
gfs2 ->encode_fh() API change 2012-05-29 23:28:33 -04:00
hfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hfsplus hfsplus: fix bless ioctl when used with hardlinks 2012-06-17 14:39:59 -07:00
hostfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hpfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
hppfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hugetlbfs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
isofs ->encode_fh() API change 2012-05-29 23:28:33 -04:00
jbd jbd: Check return value of blkdev_issue_flush() 2012-07-09 23:38:36 +02:00
jbd2 jbd2: use kmem_cache_zalloc wrapper instead of flag 2012-06-01 00:10:32 -04:00
jffs2 - More robust parsing especially of xattr data in JFFS2 2012-06-01 16:55:42 -07:00
jfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
lockd Merge branch 'for-3.5' of git://linux-nfs.org/~bfields/linux 2012-06-01 08:32:58 -07:00
logfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
minix vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
ncpfs fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
nfs NFS: Force the legacy idmapper to be single threaded 2012-06-20 14:38:11 -04:00
nfs_common
nfsd nfsd4: BUG_ON(!is_spin_locked()) no good on UP kernels 2012-06-14 13:54:08 -04:00
nilfs2 nilfs2: ensure proper cache clearing for gc-inodes 2012-06-20 14:39:35 -07:00
nls nls: fix (and rename) mac NLS table files and config options 2012-06-01 19:51:22 -07:00
notify fsnotify: remove unused parameter from send_to_group() 2012-05-30 21:04:53 -04:00
ntfs fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
ocfs2 ocfs2: Fix bogus error message from ocfs2_global_read_info 2012-07-03 23:27:17 -07:00
omfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
openpromfs switch open-coded instances of d_make_root() to new helper 2012-03-20 21:29:35 -04:00
proc vfs: Fix /proc/<tid>/fdinfo/<fd> file handling 2012-06-04 11:00:45 -07:00
pstore staging tree fixes for 3.5-rc4 2012-06-20 15:15:03 -07:00
qnx4 qnx4: new helper - try_extent() 2012-03-20 21:29:52 -04:00
qnx6 fs: initial qnx6fs addition 2012-03-20 21:29:38 -04:00
quota quota: fix checkpatch.pl warning by replacing <asm/uaccess.h> with <linux/uaccess.h> 2012-07-09 12:03:11 +02:00
ramfs tidy up after d_make_root() conversion 2012-03-20 21:29:37 -04:00
reiserfs reiserfs: get rid of resierfs_sync_super 2012-06-01 10:37:36 -04:00
romfs MTD merge for 3.4 2012-03-30 17:31:56 -07:00
squashfs Add an extra mount time sanity check, plus some code cleanups and bug fixes. 2012-03-28 18:05:54 -07:00
sysfs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
sysv vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
ubifs UBIFS: correct usage of IS_ENABLED() 2012-06-27 14:22:15 +03:00
udf udf: Improve table length check to avoid possible overflow 2012-07-10 18:02:17 +02:00
ufs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
xfs xfs: rename log structure to xlog 2012-06-21 14:21:11 -05:00
aio.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
anon_inodes.c anon_inodes: move allocation of anon_inode into ->mount() 2012-03-20 21:29:45 -04:00
attr.c vfs: increment iversion when a file is truncated 2012-05-30 21:04:53 -04:00
bad_inode.c mm/fs: remove truncate_range 2012-05-29 16:22:23 -07:00
binfmt_aout.c VM: add "vm_mmap()" helper function 2012-04-20 17:29:13 -07:00
binfmt_elf_fdpic.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
binfmt_elf.c binfmt_elf: switch elf_map() to vm_mmap/vm_munmap 2012-05-30 21:04:55 -04:00
binfmt_em86.c __register_binfmt() made void 2012-03-20 21:29:46 -04:00
binfmt_flat.c binfmt_flat: use vm_munmap, we are missing ->mmap_sem there 2012-05-30 21:04:56 -04:00
binfmt_misc.c vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
binfmt_script.c __register_binfmt() made void 2012-03-20 21:29:46 -04:00
binfmt_som.c VM: add "vm_mmap()" helper function 2012-04-20 17:29:13 -07:00
bio-integrity.c fs: remove the second argument of k[un]map_atomic() 2012-03-20 21:48:21 +08:00
bio.c Merge branch 'for-3.5/core' of git://git.kernel.dk/linux-block 2012-05-30 08:52:42 -07:00
block_dev.c avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
buffer.c fs: Move bh_cachep to the __read_mostly section 2012-05-30 21:04:52 -04:00
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
compat.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2012-06-01 11:53:44 -07:00
dcache.c Revert "vfs: stop d_splice_alias creating directory aliases" 2012-06-08 10:34:03 -07:00
dcookies.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
direct-io.c NFS: Ensure that setattr and getattr wait for O_DIRECT write completion 2012-05-31 11:41:36 -07:00
drop_caches.c
eventfd.c eventfd: change int to __u64 in eventfd_signal() 2012-05-31 17:49:32 -07:00
eventpoll.c HAVE_RESTORE_SIGMASK is defined on all architectures now 2012-06-01 12:58:46 -04:00
exec.c mm: correctly synchronize rss-counters at exit/exec 2012-06-20 14:39:36 -07:00
fcntl.c switch fcntl to fget_raw_light/fput_light 2012-05-29 23:28:30 -04:00
fhandle.c
fifo.c
file_table.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
file.c Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-03-29 18:12:23 -07:00
filesystems.c
fs_struct.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
fs-writeback.c writeback: Fix lock imbalance in writeback_sb_inodes() 2012-06-09 08:32:15 +09:00
generic_acl.c
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
internal.h vfs: split __dentry_open() 2012-06-01 12:12:00 -04:00
ioctl.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
ioprio.c Merge branch 'for-3.5/core' of git://git.kernel.dk/linux-block 2012-05-30 08:52:42 -07:00
Kconfig Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-03-21 13:36:41 -07:00
Kconfig.binfmt C6X: add support to build with BINFMT_ELF_FDPIC 2012-05-15 09:17:34 -04:00
libfs.c vfs: make it possible to access the dentry hash/len as one 64-bit entry 2012-05-10 19:54:35 -07:00
locks.c switch flock to fget_light/fput_light 2012-05-29 23:28:31 -04:00
Makefile fs: initial qnx6fs addition 2012-03-20 21:29:38 -04:00
mbcache.c
mount.h
mpage.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
namei.c vfs: retry last component if opening stale dentry 2012-06-01 12:12:01 -04:00
namespace.c vfs: umount_tree() might be called on subtree that had never made it 2012-05-30 21:04:55 -04:00
no-block.c
open.c vfs: make O_PATH file descriptors usable for 'fchdir()' 2012-07-07 17:19:02 -07:00
pipe.c fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
pnode.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
pnode.h
posix_acl.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
proc_namespace.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
read_write.c aio/vfs: cleanup of rw_copy_check_uvector() and compat_rw_copy_check_uvector() 2012-05-31 17:49:32 -07:00
read_write.h
readdir.c switch readdir/getdents to fget_light/fput_light 2012-05-29 23:28:29 -04:00
select.c HAVE_RESTORE_SIGMASK is defined on all architectures now 2012-06-01 12:58:46 -04:00
seq_file.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
signalfd.c switch signalfd4() to fget_light/fput_light 2012-05-29 23:28:30 -04:00
splice.c splice: fix racy pipe->buffers uses 2012-06-13 21:16:42 +02:00
stack.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
stat.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
statfs.c switch statfs to fget_light/fput_light 2012-05-29 23:28:31 -04:00
super.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
sync.c switch do_fsync() to fget_light() 2012-05-29 23:28:29 -04:00
timerfd.c
utimes.c switch utimes() to fget_light/fput_light 2012-05-29 23:28:32 -04:00
xattr_acl.c fs: reduce the use of module.h wherever possible 2012-02-28 19:31:58 -05:00
xattr.c switch xattr syscalls to fget_light/fput_light 2012-05-29 23:28:30 -04:00