linux/fs/xfs
Dan Carpenter 071c529eb6 xfs: underflow bug in xfs_attrlist_by_handle()
If we allocate less than sizeof(struct attrlist) then we end up
corrupting memory or doing a ZERO_PTR_SIZE dereference.

This can only be triggered with CAP_SYS_ADMIN.

Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
2013-12-04 14:23:46 -06:00
..
Kconfig xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
Makefile xfs: abstract the differences in dir2/dir3 via an ops vector 2013-10-30 13:37:38 -05:00
kmem.c xfs: simplify kmem_{zone_}zalloc 2013-11-06 16:31:27 -06:00
kmem.h xfs: simplify kmem_{zone_}zalloc 2013-11-06 16:31:27 -06:00
mrlock.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
time.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
uuid.c xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
uuid.h xfs: add CRC infrastructure 2012-11-19 20:11:24 -06:00
xfs.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_acl.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_acl.h xfs: increase number of ACL entries for V5 superblocks 2013-06-06 10:52:15 -05:00
xfs_ag.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_alloc.c xfs: add tracepoints to AGF/AGI read operations 2013-11-06 12:42:52 -06:00
xfs_alloc.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_alloc_btree.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_alloc_btree.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_aops.c xfs: prevent stack overflows from page cache allocation 2013-10-30 15:44:51 -05:00
xfs_aops.h direct-io: Implement generic deferred AIO completions 2013-09-04 09:23:46 -04:00
xfs_attr.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_attr.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_attr_inactive.c xfs: vectorise encoding/decoding directory headers 2013-10-30 13:47:22 -05:00
xfs_attr_leaf.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_attr_leaf.h xfs: unify directory/attribute format definitions 2013-10-23 14:21:40 -05:00
xfs_attr_list.c xfs: vectorise encoding/decoding directory headers 2013-10-30 13:47:22 -05:00
xfs_attr_remote.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_attr_remote.h xfs: unify directory/attribute format definitions 2013-10-23 14:21:40 -05:00
xfs_attr_sf.h
xfs_bit.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_bit.h
xfs_bmap.c xfs: fix unlock in xfs_bmap_add_attrfork 2013-11-18 09:12:54 -06:00
xfs_bmap.h xfs: remove __KERNEL__ from debug code 2013-08-12 16:58:37 -05:00
xfs_bmap_btree.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_bmap_btree.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_bmap_util.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_bmap_util.h xfs: fold xfs_change_file_space into xfs_ioc_space 2013-10-21 16:57:03 -05:00
xfs_btree.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_btree.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_buf.c xfs: simplify xfs_setsize_buftarg callchain; remove unused arg 2013-12-04 13:53:34 -06:00
xfs_buf.h xfs: rework buffer dispose list tracking 2013-09-10 18:56:31 -04:00
xfs_buf_item.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_buf_item.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_cksum.h xfs: add CRC infrastructure 2012-11-19 20:11:24 -06:00
xfs_da_btree.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_da_btree.h xfs: abstract the differences in dir2/dir3 via an ops vector 2013-10-30 13:37:38 -05:00
xfs_da_format.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_da_format.h xfs: convert directory vector functions to constants 2013-10-30 13:48:41 -05:00
xfs_dinode.h xfs: di_flushiter considered harmful 2013-07-25 10:41:42 -05:00
xfs_dir2.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_dir2.h xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_dir2_block.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_dir2_data.c xfs: validity check the directory block leaf entry count 2013-10-30 13:57:14 -05:00
xfs_dir2_leaf.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_dir2_node.c xfs:xfs_dir2_node.c: pointer use before check for null 2013-10-30 15:53:14 -05:00
xfs_dir2_priv.h xfs: vectorise encoding/decoding directory headers 2013-10-30 13:47:22 -05:00
xfs_dir2_readdir.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_dir2_sf.c xfs: convert directory vector functions to constants 2013-10-30 13:49:18 -05:00
xfs_discard.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_discard.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_dquot.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_dquot.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_dquot_buf.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_dquot_item.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_dquot_item.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_error.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_error.h
xfs_export.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_export.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_extent_busy.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_extent_busy.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_extfree_item.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_extfree_item.h xfs: split out EFI/EFD log item format definition 2013-08-12 16:07:13 -05:00
xfs_file.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_filestream.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_filestream.h xfs: xfs_filestreams.h doesn't need __KERNEL__ 2013-08-12 17:00:11 -05:00
xfs_format.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_fs.h xfs: add the inode directory type support to XFS_IOC_FSGEOM 2013-10-08 14:28:09 -05:00
xfs_fsops.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_fsops.h
xfs_globals.c xfs: add background scanning to clear eofblocks inodes 2012-11-08 15:34:59 -06:00
xfs_ialloc.c xfs: add tracepoints to AGF/AGI read operations 2013-11-06 12:42:52 -06:00
xfs_ialloc.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_ialloc_btree.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_ialloc_btree.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_icache.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_icache.h xfs: update #2 for v3.12-rc1 2013-09-12 16:13:41 -07:00
xfs_icreate_item.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_icreate_item.h xfs: separate icreate log format definitions from xfs_icreate_item.h 2013-08-12 16:10:35 -05:00
xfs_inode.c xfs: xfs_remove deadlocks due to inverted AGF vs AGI lock ordering 2013-11-04 13:18:48 -06:00
xfs_inode.h xfs: abstract the differences in dir2/dir3 via an ops vector 2013-10-30 13:37:38 -05:00
xfs_inode_buf.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_inode_buf.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_inode_fork.c xfs: fix the extent count when allocating an new indirection array entry 2013-10-31 16:43:19 -05:00
xfs_inode_fork.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_inode_item.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_inode_item.h xfs: split out inode log item format definition 2013-08-12 16:05:19 -05:00
xfs_inum.h xfs: move xfsagino_t to xfs_types.h 2012-05-14 16:20:54 -05:00
xfs_ioctl.c xfs: underflow bug in xfs_attrlist_by_handle() 2013-12-04 14:23:46 -06:00
xfs_ioctl.h xfs: consolidate extent swap code 2013-08-12 16:56:06 -05:00
xfs_ioctl32.c xfs: underflow bug in xfs_attrlist_by_handle() 2013-12-04 14:23:46 -06:00
xfs_ioctl32.h xfs: remove subdirectories 2011-08-12 16:21:35 -05:00
xfs_iomap.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_iomap.h xfs: get rid of count from xfs_iomap_write_allocate() 2013-10-01 15:42:34 -05:00
xfs_iops.c xfs: prevent stack overflows from page cache allocation 2013-10-30 15:44:51 -05:00
xfs_iops.h xfs: fold xfs_change_file_space into xfs_ioc_space 2013-10-21 16:57:03 -05:00
xfs_itable.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_itable.h
xfs_linux.h xfs: remove two unused macro definitions in xfs_linux.h 2013-08-20 15:30:23 -05:00
xfs_log.c xfs: trace AIL manipulations 2013-11-06 12:41:51 -06:00
xfs_log.h xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_log_cil.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_log_format.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_log_priv.h xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_log_recover.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_log_recover.h
xfs_log_rlimit.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_message.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_message.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_mount.c xfs: increase inode cluster size for v5 filesystems 2013-11-18 09:29:36 -06:00
xfs_mount.h xfs: increase inode cluster size for v5 filesystems 2013-11-18 09:29:36 -06:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_qm.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_qm.h xfs: split dquot buffer operations out 2013-10-23 14:28:35 -05:00
xfs_qm_bhv.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_qm_syscalls.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_quota.h xfs: split dquot buffer operations out 2013-10-23 14:28:35 -05:00
xfs_quota_defs.h xfs: split dquot buffer operations out 2013-10-23 14:28:35 -05:00
xfs_quota_priv.h xfs: use per-filesystem radix trees for dquot lookup 2012-03-14 11:09:06 -05:00
xfs_quotaops.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_rtalloc.c xfs: split xfs_rtalloc.c for userspace sanity 2013-10-23 17:16:32 -05:00
xfs_rtalloc.h xfs: split xfs_rtalloc.c for userspace sanity 2013-10-23 17:16:32 -05:00
xfs_rtbitmap.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_sb.c xfs: be more forgiving of a v4 secondary sb w/ junk in v5 fields 2013-10-30 16:38:29 -05:00
xfs_sb.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_shared.h xfs: create a shared header file for format-related information 2013-10-23 14:11:30 -05:00
xfs_stats.c xfs: use common code for quota statistics 2012-03-14 11:09:06 -05:00
xfs_stats.h xfs: use common code for quota statistics 2012-03-14 11:09:06 -05:00
xfs_super.c xfs: update for v3.13-rc1 2013-11-14 17:16:35 +09:00
xfs_super.h xfs: xfs_sync_data is redundant. 2012-10-17 12:01:25 -05:00
xfs_symlink.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_symlink.h xfs: push down inactive transaction mgmt for remote symlinks 2013-10-08 14:53:02 -05:00
xfs_symlink_remote.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_sysctl.c xfs: Convert use of typedef ctl_table to struct ctl_table 2013-06-17 17:42:25 -05:00
xfs_sysctl.h xfs: add background scanning to clear eofblocks inodes 2012-11-08 15:34:59 -06:00
xfs_trace.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_trace.h xfs: add tracepoints to AGF/AGI read operations 2013-11-06 12:42:52 -06:00
xfs_trans.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_trans.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_trans_ail.c xfs: trace AIL manipulations 2013-11-06 12:41:51 -06:00
xfs_trans_buf.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_trans_dquot.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_trans_extfree.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_trans_inode.c xfs: open code inc_inode_iversion when logging an inode 2013-11-18 09:42:08 -06:00
xfs_trans_priv.h xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_trans_resv.c xfs: increase inode cluster size for v5 filesystems 2013-11-18 09:29:36 -06:00
xfs_trans_resv.h xfs: Get rid of all XFS_XXX_LOG_RES() macro 2013-08-12 17:48:08 -05:00
xfs_trans_space.h
xfs_types.h xfs: Add read-only support for dirent filetype field 2013-08-22 08:40:24 -05:00
xfs_vnode.h xfs: remove unused FI_ flags 2013-12-04 14:11:05 -06:00
xfs_xattr.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00