www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Willy Tarreau <w@1wt.eu>
	Tue, 16 May 2017 17:18:55 +0000 (19:18 +0200)
committer	Kirtikar Kashyap <kirtikar.kashyap@oracle.com>
	Thu, 13 Jul 2017 20:50:07 +0000 (13:50 -0700)
commit	42bf9ea74dfa59a61c5b5b92805b4e75dd0532c4
tree	5335145256011256c0178d3c7ed466f319e67d31	tree
parent	13757272bec28f1b8be59f56292e8f17076923b3	commit \| diff

char: lp: fix possible integer overflow in lp_setup()

The lp_setup() code doesn't apply any bounds checking when passing
"lp=none", and only in this case, resulting in an overflow of the
parport_nr[] array. All versions in Git history are affected.

Reported-By: Roee Hay <roee.hay@hcl.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Cc: stable@vger.kernel.org
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3e21f4af170bebf47c187c1ff8bf155583c9f3b1)

Orabug: 26174869
CVE-2017-1000363

Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>
Reviewed-by: Jack Vogel <jack.vogel@oracle.com>