git.openpandora.org / pandora-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 498cdbf) | patch
x86: fix buffer overflow in efi_init()
authorRoel Kluin <roel.kluin@gmail.com>
Thu, 6 Aug 2009 22:58:13 +0000 (15:58 -0700)
committerH. Peter Anvin <hpa@zytor.com>
Sun, 9 Aug 2009 08:08:42 +0000 (01:08 -0700)
commitfdb8a42742ac95606668f73481dfb2f760658fdd
tree5dd433f3190ba47117a7bc849b71eb38878e6c85tree | snapshot
parent498cdbfbcf98e0d2c90a26e6a02a82f043876e48commit | diff
x86: fix buffer overflow in efi_init()

If the vendor name (from c16) can be longer than 100 bytes (or missing a
terminating null), then the null is written past the end of vendor[].

Found with Parfait, http://research.sun.com/projects/parfait/

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Cc: Huang Ying <ying.huang@intel.com>
arch/x86/kernel/efi.c diff | blob | history
Pandora Kernel Repository