[Bug 196483] [patch] change vfs_setopt{,_part}(...)'s len parameter to fix possible DoS
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Jan 4 13:32:44 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196483
Bug ID: 196483
Summary: [patch] change vfs_setopt{,_part}(...)'s len parameter
to fix possible DoS
Product: Base System
Version: 10.1-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: op at freebsd.org
Created attachment 151321
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=151321&action=edit
0001-HBSD-change-vfs_setopt-_part-.-s-len-type-to-check-b.patch
The bcopy(...) expected size_t (aka unsigned) len parameter, but in
vfs_setopt{,_part}(...) the len parameter is signed, which will cause possible
DoS in some scenarios.
After this change, the vfs_setopt{,_part}(...) function properly checks the
constraints.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list