raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-06 10:00:17 +00:00
Code Issues Projects Releases Wiki Activity

seq_file: disallow extremely large seq buffer allocations

Browse Source 
commit 8cae8cd89f upstream.

There is no reasonable need for a buffer larger than this, and it avoids
int overflow pitfalls.

Fixes: 058504edd0 ("fs/seq_file: fallback to vmalloc allocation")
Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
Reported-by: Qualys Security Advisory <qsa@qualys.com>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Eric Sandeen
2021-07-13 17:49:23 +02:00
committed by Greg Kroah-Hartman
parent b33aa0dbd7
commit 174c34d9cd
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
fs/seq_file.c
View File

@@ -32,6 +32,9 @@ static void seq_set_overflow(struct seq_file *m)
static void *seq_buf_alloc(unsigned long size)
{
if (unlikely(size > MAX_RW_COUNT))
return NULL;
return kvmalloc(size, GFP_KERNEL_ACCOUNT);
}