[kernel-sec-discuss] r768 - active

Sun Apr 29 20:50:05 UTC 2007

Author: jmm
Date: 2007-04-29 20:50:05 +0000 (Sun, 29 Apr 2007)
New Revision: 768

Removed:
   active/CVE-2007-0772.patch
Log:
remove patch no longer needed


Deleted: active/CVE-2007-0772.patch
===================================================================

--- active/CVE-2007-0772.patch	2007-04-29 20:48:51 UTC (rev 767)
+++ active/CVE-2007-0772.patch	2007-04-29 20:50:05 UTC (rev 768)
@@ -1,54 +0,0 @@
-commit e162a033a5882bde0c3bf5a07ee2119f9535cd8c
-Author: Greg Banks <gnb at sgi.com>
-Date:   Tue Feb 20 10:12:34 2007 +1100
-
-    [PATCH] Fix a free-wrong-pointer bug in nfs/acl server (CVE-2007-0772)
-    
-    Due to type confusion, when an nfsacl verison 2 'ACCESS' request
-    finishes and tries to clean up, it calls fh_put on entiredly the
-    wrong thing and this can cause an oops.
-    
-    Signed-off-by: Neil Brown <neilb at suse.de>
-    Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-    Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
-
-diff --git a/fs/nfsd/nfs2acl.c b/fs/nfsd/nfs2acl.c
-index edde5dc..b617428 100644
---- a/fs/nfsd/nfs2acl.c
-+++ b/fs/nfsd/nfs2acl.c
-@@ -287,13 +287,20 @@ static int nfsaclsvc_release_getacl(struct svc_rqst *rqstp, __be32 *p,
- 	return 1;
- }
- 
--static int nfsaclsvc_release_fhandle(struct svc_rqst *rqstp, __be32 *p,
--		struct nfsd_fhandle *resp)
-+static int nfsaclsvc_release_attrstat(struct svc_rqst *rqstp, __be32 *p,
-+		struct nfsd_attrstat *resp)
- {
- 	fh_put(&resp->fh);
- 	return 1;
- }
- 
-+static int nfsaclsvc_release_access(struct svc_rqst *rqstp, __be32 *p,
-+               struct nfsd3_accessres *resp)
-+{
-+       fh_put(&resp->fh);
-+       return 1;
-+}
-+
- #define nfsaclsvc_decode_voidargs	NULL
- #define nfsaclsvc_encode_voidres	NULL
- #define nfsaclsvc_release_void		NULL
-@@ -322,9 +329,9 @@ struct nfsd3_voidargs { int dummy; };
- static struct svc_procedure		nfsd_acl_procedures2[] = {
-   PROC(null,	void,		void,		void,	  RC_NOCACHE, ST),
-   PROC(getacl,	getacl,		getacl,		getacl,	  RC_NOCACHE, ST+1+2*(1+ACL)),
--  PROC(setacl,	setacl,		attrstat,	fhandle,  RC_NOCACHE, ST+AT),
--  PROC(getattr, fhandle,	attrstat,	fhandle,  RC_NOCACHE, ST+AT),
--  PROC(access,	access,		access,		fhandle,  RC_NOCACHE, ST+AT+1),
-+  PROC(setacl,	setacl,		attrstat,	attrstat, RC_NOCACHE, ST+AT),
-+  PROC(getattr, fhandle,	attrstat,	attrstat, RC_NOCACHE, ST+AT),
-+  PROC(access,	access,		access,		access,   RC_NOCACHE, ST+AT+1),
- };
- 
- struct svc_version	nfsd_acl_version2 = {


