ubifs_dump_node must bounds check ubifs_ch->len

Daniel Mentz danielmentz at google.com
Tue Sep 9 16:25:28 PDT 2014


On Mon, Sep 8, 2014 at 3:50 AM, Artem Bityutskiy <dedekind1 at gmail.com> wrote:
> On Thu, 2014-08-28 at 15:37 -0700, Daniel Mentz wrote:
>> I believe that ubifs_dump_node() must bounds check ch->len in the
>> UBIFS_DATA_NODE case. It currently does not which resulted in a crash
>> on a system. See below.
> Will I feel lucky asking you whether you was going to send a patch? :-)

Thanks for your comments. Yes I'm working on a patch, but I'm not sure
when it's going to be ready.



More information about the linux-mtd mailing list