r2509 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Joshua Kwan joshk@costa.debian.org
Thu, 17 Feb 2005 20:43:44 +0100 

Author: joshk
Date: 2005-02-17 20:43:43 +0100 (Thu, 17 Feb 2005)
New Revision: 2509

Added:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff
Modified:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
Log:
[CAN-2004-1333] make sure VC resizing fits in 16 bits

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-02-17 19:43:43 UTC (rev 2509)
@@ -11,11 +11,14 @@
 
   * 134_skb_reset_ip_summed.diff: resolve checksumming exploit in
     fragmented packet forwarding (Joshua Kwan)
+
+  * 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options
+    data.
   
-  * 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options
-    data. 
+  * 136_vc_resizing_overflow.diff: [CAN-2004-1333] make sure VC resizing
+    fits in 16 bits.
 
- -- Joshua Kwan <joshk@triplehelix.org>  Thu, 17 Feb 2005 11:29:09 -0800
+ -- Joshua Kwan <joshk@triplehelix.org>  Thu, 17 Feb 2005 11:42:56 -0800
 
 kernel-source-2.4.27 (2.4.27-8) unstable; urgency=high
 

Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff	2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff	2005-02-17 19:43:43 UTC (rev 2509)
@@ -0,0 +1,41 @@
+# origin: bk
+# key: 41c01f2bHFmPwBYQmce6Aw0owIyqkg (linux-2.4)
+# description: fix VC resize overflow
+# inclusion: 2.4.29 (backport)
+# revision date: 2005-02-17
+
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2004/12/15 09:25:31-02:00 marcelo@logos.cnet 
+#   [PATCH] Make sure VC resizing fits in s16
+#   
+#   Noted by George Guninski
+# 
+# drivers/char/console.c
+#   2004/12/15 10:58:17-02:00 marcelo@logos.cnet +6 -0
+#   Import patch vc-patch
+# 
+diff -Nru a/drivers/char/console.c b/drivers/char/console.c
+--- a/drivers/char/console.c	2005-02-17 11:41:29 -08:00
++++ b/drivers/char/console.c	2005-02-17 11:41:29 -08:00
+@@ -705,6 +705,9 @@
+ 	return 0;
+ }
+ 
++#define VC_RESIZE_MAXCOL (32767)
++#define VC_RESIZE_MAXROW (32767)
++
+ /*
+  * Change # of rows and columns (0 means unchanged/the size of fg_console)
+  * [this is to be used together with some user program
+@@ -716,6 +719,9 @@
+ 	unsigned int cc, ll, ss, sr, todo = 0;
+ 	unsigned int currcons = fg_console, i;
+ 	unsigned short *newscreens[MAX_NR_CONSOLES];
++
++	if (cols > VC_RESIZE_MAXCOL || lines > VC_RESIZE_MAXROW)
++		return -EINVAL;
+ 
+ 	cc = (cols ? cols : video_num_columns);
+ 	ll = (lines ? lines : video_num_lines);

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9	2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9	2005-02-17 19:43:43 UTC (rev 2509)
@@ -1,2 +1,3 @@
 + 134_skb_reset_ip_summed.diff
 + 135_fix_ip_options_leak.diff
++ 136_vc_resizing_overflow.diff