/[linux-patches]/genpatches-2.6/trunk/2.6.12-pre/1005_linux-2.6.11.6.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.12-pre/1005_linux-2.6.11.6.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 4 - (show annotations) (download) (as text)
Sat Jun 11 23:20:41 2005 UTC (15 years, 5 months ago) by dsd
File MIME type: text/x-diff
File size: 7611 byte(s)
Create 2.6.12 branch
1 diff -Nru a/Makefile b/Makefile
2 --- a/Makefile 2005-03-25 19:29:00 -08:00
3 +++ b/Makefile 2005-03-25 19:29:00 -08:00
4 @@ -1,7 +1,7 @@
5 VERSION = 2
6 PATCHLEVEL = 6
7 SUBLEVEL = 11
8 -EXTRAVERSION = .5
9 +EXTRAVERSION = .6
10 NAME=Woozy Numbat
11
12 # *DOCUMENTATION*
13 diff -Nru a/fs/binfmt_elf.c b/fs/binfmt_elf.c
14 --- a/fs/binfmt_elf.c 2005-03-25 19:29:00 -08:00
15 +++ b/fs/binfmt_elf.c 2005-03-25 19:29:00 -08:00
16 @@ -1008,6 +1008,7 @@
17 static int load_elf_library(struct file *file)
18 {
19 struct elf_phdr *elf_phdata;
20 + struct elf_phdr *eppnt;
21 unsigned long elf_bss, bss, len;
22 int retval, error, i, j;
23 struct elfhdr elf_ex;
24 @@ -1031,44 +1032,47 @@
25 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
26
27 error = -ENOMEM;
28 - elf_phdata = (struct elf_phdr *) kmalloc(j, GFP_KERNEL);
29 + elf_phdata = kmalloc(j, GFP_KERNEL);
30 if (!elf_phdata)
31 goto out;
32
33 + eppnt = elf_phdata;
34 error = -ENOEXEC;
35 - retval = kernel_read(file, elf_ex.e_phoff, (char *) elf_phdata, j);
36 + retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
37 if (retval != j)
38 goto out_free_ph;
39
40 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
41 - if ((elf_phdata + i)->p_type == PT_LOAD) j++;
42 + if ((eppnt + i)->p_type == PT_LOAD)
43 + j++;
44 if (j != 1)
45 goto out_free_ph;
46
47 - while (elf_phdata->p_type != PT_LOAD) elf_phdata++;
48 + while (eppnt->p_type != PT_LOAD)
49 + eppnt++;
50
51 /* Now use mmap to map the library into memory. */
52 down_write(&current->mm->mmap_sem);
53 error = do_mmap(file,
54 - ELF_PAGESTART(elf_phdata->p_vaddr),
55 - (elf_phdata->p_filesz +
56 - ELF_PAGEOFFSET(elf_phdata->p_vaddr)),
57 + ELF_PAGESTART(eppnt->p_vaddr),
58 + (eppnt->p_filesz +
59 + ELF_PAGEOFFSET(eppnt->p_vaddr)),
60 PROT_READ | PROT_WRITE | PROT_EXEC,
61 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
62 - (elf_phdata->p_offset -
63 - ELF_PAGEOFFSET(elf_phdata->p_vaddr)));
64 + (eppnt->p_offset -
65 + ELF_PAGEOFFSET(eppnt->p_vaddr)));
66 up_write(&current->mm->mmap_sem);
67 - if (error != ELF_PAGESTART(elf_phdata->p_vaddr))
68 + if (error != ELF_PAGESTART(eppnt->p_vaddr))
69 goto out_free_ph;
70
71 - elf_bss = elf_phdata->p_vaddr + elf_phdata->p_filesz;
72 + elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
73 if (padzero(elf_bss)) {
74 error = -EFAULT;
75 goto out_free_ph;
76 }
77
78 - len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
79 - bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
80 + len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr + ELF_MIN_ALIGN - 1);
81 + bss = eppnt->p_memsz + eppnt->p_vaddr;
82 if (bss > len) {
83 down_write(&current->mm->mmap_sem);
84 do_brk(len, bss - len);
85 diff -Nru a/fs/ext2/dir.c b/fs/ext2/dir.c
86 --- a/fs/ext2/dir.c 2005-03-25 19:29:00 -08:00
87 +++ b/fs/ext2/dir.c 2005-03-25 19:29:00 -08:00
88 @@ -592,6 +592,7 @@
89 goto fail;
90 }
91 kaddr = kmap_atomic(page, KM_USER0);
92 + memset(kaddr, 0, chunk_size);
93 de = (struct ext2_dir_entry_2 *)kaddr;
94 de->name_len = 1;
95 de->rec_len = cpu_to_le16(EXT2_DIR_REC_LEN(1));
96 diff -Nru a/fs/isofs/inode.c b/fs/isofs/inode.c
97 --- a/fs/isofs/inode.c 2005-03-25 19:29:00 -08:00
98 +++ b/fs/isofs/inode.c 2005-03-25 19:29:00 -08:00
99 @@ -685,6 +685,8 @@
100 sbi->s_log_zone_size = isonum_723 (h_pri->logical_block_size);
101 sbi->s_max_size = isonum_733(h_pri->volume_space_size);
102 } else {
103 + if (!pri)
104 + goto out_freebh;
105 rootp = (struct iso_directory_record *) pri->root_directory_record;
106 sbi->s_nzones = isonum_733 (pri->volume_space_size);
107 sbi->s_log_zone_size = isonum_723 (pri->logical_block_size);
108 @@ -1394,6 +1396,9 @@
109 unsigned long hashval;
110 struct inode *inode;
111 struct isofs_iget5_callback_data data;
112 +
113 + if (offset >= 1ul << sb->s_blocksize_bits)
114 + return NULL;
115
116 data.block = block;
117 data.offset = offset;
118 diff -Nru a/fs/isofs/rock.c b/fs/isofs/rock.c
119 --- a/fs/isofs/rock.c 2005-03-25 19:29:00 -08:00
120 +++ b/fs/isofs/rock.c 2005-03-25 19:29:00 -08:00
121 @@ -53,6 +53,7 @@
122 if(LEN & 1) LEN++; \
123 CHR = ((unsigned char *) DE) + LEN; \
124 LEN = *((unsigned char *) DE) - LEN; \
125 + if (LEN<0) LEN=0; \
126 if (ISOFS_SB(inode->i_sb)->s_rock_offset!=-1) \
127 { \
128 LEN-=ISOFS_SB(inode->i_sb)->s_rock_offset; \
129 @@ -73,6 +74,10 @@
130 offset1 = 0; \
131 pbh = sb_bread(DEV->i_sb, block); \
132 if(pbh){ \
133 + if (offset > pbh->b_size || offset + cont_size > pbh->b_size){ \
134 + brelse(pbh); \
135 + goto out; \
136 + } \
137 memcpy(buffer + offset1, pbh->b_data + offset, cont_size - offset1); \
138 brelse(pbh); \
139 chr = (unsigned char *) buffer; \
140 @@ -103,12 +108,13 @@
141 struct rock_ridge * rr;
142 int sig;
143
144 - while (len > 1){ /* There may be one byte for padding somewhere */
145 + while (len > 2){ /* There may be one byte for padding somewhere */
146 rr = (struct rock_ridge *) chr;
147 - if (rr->len == 0) goto out; /* Something got screwed up here */
148 + if (rr->len < 3) goto out; /* Something got screwed up here */
149 sig = isonum_721(chr);
150 chr += rr->len;
151 len -= rr->len;
152 + if (len < 0) goto out; /* corrupted isofs */
153
154 switch(sig){
155 case SIG('R','R'):
156 @@ -122,6 +128,7 @@
157 break;
158 case SIG('N','M'):
159 if (truncate) break;
160 + if (rr->len < 5) break;
161 /*
162 * If the flags are 2 or 4, this indicates '.' or '..'.
163 * We don't want to do anything with this, because it
164 @@ -186,12 +193,13 @@
165 struct rock_ridge * rr;
166 int rootflag;
167
168 - while (len > 1){ /* There may be one byte for padding somewhere */
169 + while (len > 2){ /* There may be one byte for padding somewhere */
170 rr = (struct rock_ridge *) chr;
171 - if (rr->len == 0) goto out; /* Something got screwed up here */
172 + if (rr->len < 3) goto out; /* Something got screwed up here */
173 sig = isonum_721(chr);
174 chr += rr->len;
175 len -= rr->len;
176 + if (len < 0) goto out; /* corrupted isofs */
177
178 switch(sig){
179 #ifndef CONFIG_ZISOFS /* No flag for SF or ZF */
180 @@ -462,7 +470,7 @@
181 struct rock_ridge *rr;
182
183 if (!ISOFS_SB(inode->i_sb)->s_rock)
184 - panic ("Cannot have symlink with high sierra variant of iso filesystem\n");
185 + goto error;
186
187 block = ei->i_iget5_block;
188 lock_kernel();
189 @@ -487,13 +495,15 @@
190 SETUP_ROCK_RIDGE(raw_inode, chr, len);
191
192 repeat:
193 - while (len > 1) { /* There may be one byte for padding somewhere */
194 + while (len > 2) { /* There may be one byte for padding somewhere */
195 rr = (struct rock_ridge *) chr;
196 - if (rr->len == 0)
197 + if (rr->len < 3)
198 goto out; /* Something got screwed up here */
199 sig = isonum_721(chr);
200 chr += rr->len;
201 len -= rr->len;
202 + if (len < 0)
203 + goto out; /* corrupted isofs */
204
205 switch (sig) {
206 case SIG('R', 'R'):
207 @@ -543,6 +553,7 @@
208 fail:
209 brelse(bh);
210 unlock_kernel();
211 + error:
212 SetPageError(page);
213 kunmap(page);
214 unlock_page(page);
215 diff -Nru a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
216 --- a/net/bluetooth/af_bluetooth.c 2005-03-25 19:29:00 -08:00
217 +++ b/net/bluetooth/af_bluetooth.c 2005-03-25 19:29:00 -08:00
218 @@ -64,7 +64,7 @@
219
220 int bt_sock_register(int proto, struct net_proto_family *ops)
221 {
222 - if (proto >= BT_MAX_PROTO)
223 + if (proto < 0 || proto >= BT_MAX_PROTO)
224 return -EINVAL;
225
226 if (bt_proto[proto])
227 @@ -77,7 +77,7 @@
228
229 int bt_sock_unregister(int proto)
230 {
231 - if (proto >= BT_MAX_PROTO)
232 + if (proto < 0 || proto >= BT_MAX_PROTO)
233 return -EINVAL;
234
235 if (!bt_proto[proto])
236 @@ -92,7 +92,7 @@
237 {
238 int err = 0;
239
240 - if (proto >= BT_MAX_PROTO)
241 + if (proto < 0 || proto >= BT_MAX_PROTO)
242 return -EINVAL;
243
244 #if defined(CONFIG_KMOD)

  ViewVC Help
Powered by ViewVC 1.1.20