Dan Carpenter 5e7124c4d6 staging: ncpfs: memory corruption in ncp_read_kernel() ... commit 4c41aa24ba upstream. If the server is malicious then *bytes_read could be larger than the size of the "target" buffer. It would lead to memory corruption when we do the memcpy(). Reported-by: Dr Silvio Cesare of InfoSect <Silvio Cesare <silvio.cesare@gmail.com> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2018-03-28 18:39:23 +02:00
..
dir.c	fs: rename "rename2" i_op to "rename"	2016-09-27 11:03:58 +02:00
file.c	wrappers for ->i_mutex access	2016-01-22 18:04:28 -05:00
getopt.c	fs/ncpfs/getopt.c: replace simple_strtoul by kstrtoul	2014-06-04 16:54:21 -07:00
getopt.h	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
inode.c	fs: Give dentry to inode_change_ok() instead of inode	2016-09-22 10:56:19 +02:00
ioctl.c	ncpfs: don't allow negative timeouts	2015-11-20 16:17:32 -08:00
Kconfig	fs/Kconfig: move the rest of ncpfs out	2009-01-22 13:16:01 +03:00
Makefile	fs: change to new flag variable	2011-03-17 14:02:57 +01:00
mmap.c	ncpfs: use file_inode()	2014-11-19 13:01:25 -05:00
ncp_fs_i.h	ncpfs: get rid of d_validate() nonsense	2015-01-25 23:16:26 -05:00
ncp_fs_sb.h	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2014-04-12 17:31:22 -07:00
ncp_fs.h	ncpfs: remove now unused PRINTK macro	2014-04-08 16:48:52 -07:00
ncplib_kernel.c	staging: ncpfs: memory corruption in ncp_read_kernel()	2018-03-28 18:39:23 +02:00
ncplib_kernel.h	mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros	2016-04-04 10:41:08 -07:00
ncpsign_kernel.c	move internal-only parts of ncpfs headers to fs/ncpfs	2011-01-12 20:03:43 -05:00
ncpsign_kernel.h	move internal-only parts of ncpfs headers to fs/ncpfs	2011-01-12 20:03:43 -05:00
sock.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2014-04-12 17:31:22 -07:00
symlink.c	VFS: normal filesystems (and lustre): d_inode() annotations	2015-04-15 15:06:57 -04:00