2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-27 06:34:11 +08:00
linux-next/drivers/cdrom
Dan Carpenter 9de4ee4054 cdrom: information leak in cdrom_ioctl_media_changed()
This cast is wrong.  "cdi->capacity" is an int and "arg" is an unsigned
long.  The way the check is written now, if one of the high 32 bits is
set then we could read outside the info->slots[] array.

This bug is pretty old and it predates git.

Reviewed-by: Christoph Hellwig <hch@lst.de>
Cc: stable@vger.kernel.org
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2018-04-18 08:21:32 -06:00
..
cdrom.c cdrom: information leak in cdrom_ioctl_media_changed() 2018-04-18 08:21:32 -06:00
gdrom.c cdrom: do not call check_disk_change() inside cdrom_open() 2018-03-09 08:06:35 -07:00
Makefile Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block 2017-11-14 15:32:19 -08:00