projects / platform / kernel / linux-amlogic.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7a2b847) | patch
char: lp: fix possible integer overflow in lp_setup()
authorWilly Tarreau <w@1wt.eu>
Tue, 16 May 2017 17:18:55 +0000 (19:18 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 May 2017 13:44:30 +0000 (15:44 +0200)
commit5d263d94a870a774a24acb2a2cc1e79ef39c2416
treedd8eed6005f58494800f0b9deaf807fb91ddaddetree | snapshot
parent7a2b8471ab1243437215468b4da6c5ddfd4d80dacommit | diff
char: lp: fix possible integer overflow in lp_setup()

commit 3e21f4af170bebf47c187c1ff8bf155583c9f3b1 upstream.

The lp_setup() code doesn't apply any bounds checking when passing
"lp=none", and only in this case, resulting in an overflow of the
parport_nr[] array. All versions in Git history are affected.

Reported-By: Roee Hay <roee.hay@hcl.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/char/lp.c diff | blob | history
Domain: System / Kernel;