HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS349657

MFC r349268: nandsim: correct test to avoid out-of-bounds access
rS349657
Actions

Description

MFC r349268: nandsim: correct test to avoid out-of-bounds access

Previously nandsim_chip_status returned EINVAL iff both of user-provided
chip->ctrl_num and chip->num were out of bounds. If only one failed the
bounds check arbitrary memory would be read and returned.

The NAND framework is not built by default, nandsim is not intended for
production use (it is a simulator), and the nandsim device has root-only
permissions.

admbugs: 827
Reported by: Daniel Hodson of elttam
Security: kernel information leak or DoS
Sponsored by: The FreeBSD Foundation

Details

Provenance
emasteAuthored on
Parents
rS349656: bhyve/audio: don't leak resources on failed initialization.
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
stable/
12/
sys/
dev/
nand/

rS349657

View Options

stable/12/

Loading...
View Options

stable/12/sys/dev/nand/nandsim.c

Loading...