diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2014-07-03 16:06:57 -0700 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2014-07-06 18:59:12 -0700 |
commit | bbd637d4b8700d4eedbd2cb34cdea8b6b69a27f0 (patch) | |
tree | 2e1b5a4f9af01bb1086e32beae506a756f472c23 /sound/oss/audio.c | |
parent | ac79fd540a0282460a22955753056c4a636b620b (diff) | |
download | kernel-common-bbd637d4b8700d4eedbd2cb34cdea8b6b69a27f0.tar.gz kernel-common-bbd637d4b8700d4eedbd2cb34cdea8b6b69a27f0.tar.bz2 kernel-common-bbd637d4b8700d4eedbd2cb34cdea8b6b69a27f0.zip |
lz4: add overrun checks to lz4_uncompress_unknownoutputsize()
commit 4a3a99045177369700c60d074c0e525e8093b0fc upstream.
Jan points out that I forgot to make the needed fixes to the
lz4_uncompress_unknownoutputsize() function to mirror the changes done
in lz4_decompress() with regards to potential pointer overflows.
The only in-kernel user of this function is the zram code, which only
takes data from a valid compressed buffer that it made itself, so it's
not a big issue. But due to external kernel modules using this
function, it's better to be safe here.
Reported-by: Jan Beulich <JBeulich@suse.com>
Cc: "Don A. Bailey" <donb@securitymouse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'sound/oss/audio.c')
0 files changed, 0 insertions, 0 deletions