r2509 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series
Joshua Kwan
joshk@costa.debian.org
Thu, 17 Feb 2005 20:43:44 +0100
Author: joshk
Date: 2005-02-17 20:43:43 +0100 (Thu, 17 Feb 2005)
New Revision: 2509
Added:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff
Modified:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
Log:
[CAN-2004-1333] make sure VC resizing fits in 16 bits
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-02-17 19:43:43 UTC (rev 2509)
@@ -11,11 +11,14 @@
* 134_skb_reset_ip_summed.diff: resolve checksumming exploit in
fragmented packet forwarding (Joshua Kwan)
+
+ * 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options
+ data.
- * 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options
- data.
+ * 136_vc_resizing_overflow.diff: [CAN-2004-1333] make sure VC resizing
+ fits in 16 bits.
- -- Joshua Kwan <joshk@triplehelix.org> Thu, 17 Feb 2005 11:29:09 -0800
+ -- Joshua Kwan <joshk@triplehelix.org> Thu, 17 Feb 2005 11:42:56 -0800
kernel-source-2.4.27 (2.4.27-8) unstable; urgency=high
Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff 2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/136_vc_resizing_overflow.diff 2005-02-17 19:43:43 UTC (rev 2509)
@@ -0,0 +1,41 @@
+# origin: bk
+# key: 41c01f2bHFmPwBYQmce6Aw0owIyqkg (linux-2.4)
+# description: fix VC resize overflow
+# inclusion: 2.4.29 (backport)
+# revision date: 2005-02-17
+
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/12/15 09:25:31-02:00 marcelo@logos.cnet
+# [PATCH] Make sure VC resizing fits in s16
+#
+# Noted by George Guninski
+#
+# drivers/char/console.c
+# 2004/12/15 10:58:17-02:00 marcelo@logos.cnet +6 -0
+# Import patch vc-patch
+#
+diff -Nru a/drivers/char/console.c b/drivers/char/console.c
+--- a/drivers/char/console.c 2005-02-17 11:41:29 -08:00
++++ b/drivers/char/console.c 2005-02-17 11:41:29 -08:00
+@@ -705,6 +705,9 @@
+ return 0;
+ }
+
++#define VC_RESIZE_MAXCOL (32767)
++#define VC_RESIZE_MAXROW (32767)
++
+ /*
+ * Change # of rows and columns (0 means unchanged/the size of fg_console)
+ * [this is to be used together with some user program
+@@ -716,6 +719,9 @@
+ unsigned int cc, ll, ss, sr, todo = 0;
+ unsigned int currcons = fg_console, i;
+ unsigned short *newscreens[MAX_NR_CONSOLES];
++
++ if (cols > VC_RESIZE_MAXCOL || lines > VC_RESIZE_MAXROW)
++ return -EINVAL;
+
+ cc = (cols ? cols : video_num_columns);
+ ll = (lines ? lines : video_num_lines);
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9 2005-02-17 19:30:12 UTC (rev 2508)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9 2005-02-17 19:43:43 UTC (rev 2509)
@@ -1,2 +1,3 @@
+ 134_skb_reset_ip_summed.diff
+ 135_fix_ip_options_leak.diff
++ 136_vc_resizing_overflow.diff