diff options
| author | Linus Torvalds <[email protected]> | 2018-08-02 08:43:35 -0700 | 
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2018-08-02 09:32:23 -0700 | 
| commit | 71755ee5350b63fb1f283de8561cdb61b47f4d1d (patch) | |
| tree | cfca6c7e5f8f30014724b955c845a1a2e80d95e5 /include/linux/fpga/fpga-region.h | |
| parent | 6b4703768268d09ac928c64474fd686adf4574f9 (diff) | |
squashfs: more metadata hardening
The squashfs fragment reading code doesn't actually verify that the
fragment is inside the fragment table.  The end result _is_ verified to
be inside the image when actually reading the fragment data, but before
that is done, we may end up taking a page fault because the fragment
table itself might not even exist.
Another report from Anatoly and his endless squashfs image fuzzing.
Reported-by: Анатолий Тросиненко <[email protected]>
Acked-by:: Phillip Lougher <[email protected]>,
Cc: Willy Tarreau <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'include/linux/fpga/fpga-region.h')
0 files changed, 0 insertions, 0 deletions