mirror of
https://github.com/adulau/aha.git
synced 2024-12-27 19:26:25 +00:00
[SCSI] gdth: Prevent negative offsets in ioctl CVE-2009-3080
A negative offset could be used to index before the event buffer and lead to a security breach. Signed-off-by: Dave Jones <davej@redhat.com> Cc: Stable Tree <stable@kernel.org> Signed-off-by: James Bottomley <James.Bottomley@suse.de>
This commit is contained in:
parent
198439e4af
commit
690e744869
1 changed files with 1 additions and 1 deletions
|
@ -2900,7 +2900,7 @@ static int gdth_read_event(gdth_ha_str *ha, int handle, gdth_evt_str *estr)
|
|||
eindex = handle;
|
||||
estr->event_source = 0;
|
||||
|
||||
if (eindex >= MAX_EVENTS) {
|
||||
if (eindex < 0 || eindex >= MAX_EVENTS) {
|
||||
spin_unlock_irqrestore(&ha->smp_lock, flags);
|
||||
return eindex;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue