[kernel-sec-discuss] r768 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Apr 29 20:50:05 UTC 2007
Author: jmm
Date: 2007-04-29 20:50:05 +0000 (Sun, 29 Apr 2007)
New Revision: 768
Removed:
active/CVE-2007-0772.patch
Log:
remove patch no longer needed
Deleted: active/CVE-2007-0772.patch
===================================================================
--- active/CVE-2007-0772.patch 2007-04-29 20:48:51 UTC (rev 767)
+++ active/CVE-2007-0772.patch 2007-04-29 20:50:05 UTC (rev 768)
@@ -1,54 +0,0 @@
-commit e162a033a5882bde0c3bf5a07ee2119f9535cd8c
-Author: Greg Banks <gnb at sgi.com>
-Date: Tue Feb 20 10:12:34 2007 +1100
-
- [PATCH] Fix a free-wrong-pointer bug in nfs/acl server (CVE-2007-0772)
-
- Due to type confusion, when an nfsacl verison 2 'ACCESS' request
- finishes and tries to clean up, it calls fh_put on entiredly the
- wrong thing and this can cause an oops.
-
- Signed-off-by: Neil Brown <neilb at suse.de>
- Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
- Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
-
-diff --git a/fs/nfsd/nfs2acl.c b/fs/nfsd/nfs2acl.c
-index edde5dc..b617428 100644
---- a/fs/nfsd/nfs2acl.c
-+++ b/fs/nfsd/nfs2acl.c
-@@ -287,13 +287,20 @@ static int nfsaclsvc_release_getacl(struct svc_rqst *rqstp, __be32 *p,
- return 1;
- }
-
--static int nfsaclsvc_release_fhandle(struct svc_rqst *rqstp, __be32 *p,
-- struct nfsd_fhandle *resp)
-+static int nfsaclsvc_release_attrstat(struct svc_rqst *rqstp, __be32 *p,
-+ struct nfsd_attrstat *resp)
- {
- fh_put(&resp->fh);
- return 1;
- }
-
-+static int nfsaclsvc_release_access(struct svc_rqst *rqstp, __be32 *p,
-+ struct nfsd3_accessres *resp)
-+{
-+ fh_put(&resp->fh);
-+ return 1;
-+}
-+
- #define nfsaclsvc_decode_voidargs NULL
- #define nfsaclsvc_encode_voidres NULL
- #define nfsaclsvc_release_void NULL
-@@ -322,9 +329,9 @@ struct nfsd3_voidargs { int dummy; };
- static struct svc_procedure nfsd_acl_procedures2[] = {
- PROC(null, void, void, void, RC_NOCACHE, ST),
- PROC(getacl, getacl, getacl, getacl, RC_NOCACHE, ST+1+2*(1+ACL)),
-- PROC(setacl, setacl, attrstat, fhandle, RC_NOCACHE, ST+AT),
-- PROC(getattr, fhandle, attrstat, fhandle, RC_NOCACHE, ST+AT),
-- PROC(access, access, access, fhandle, RC_NOCACHE, ST+AT+1),
-+ PROC(setacl, setacl, attrstat, attrstat, RC_NOCACHE, ST+AT),
-+ PROC(getattr, fhandle, attrstat, attrstat, RC_NOCACHE, ST+AT),
-+ PROC(access, access, access, access, RC_NOCACHE, ST+AT+1),
- };
-
- struct svc_version nfsd_acl_version2 = {
More information about the kernel-sec-discuss
mailing list