r2704 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series
Andres Salomon
dilinger-guest@costa.debian.org
Mon, 14 Mar 2005 11:03:51 +0100
Author: dilinger-guest
Date: 2005-03-14 11:03:46 +0100 (Mon, 14 Mar 2005)
New Revision: 2704
Added:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/115-proc_file_read_nbytes_signedness_fix.dpatch
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/116-n_tty_copy_from_read_buf_signedness_fixes.dpatch
Modified:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14
Log:
* [SECURITY] 115-proc_file_read_nbytes_signedness_fix.dpatch
Heap overflow fix in /proc; WDYBTGT3-1 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
No CAN# assigned yet, afaik (Andres Salomon).
* [SECURITY] 116-n_tty_copy_from_read_buf_signedness_fixes.dpatch
copy_from_read_buf() fix; WDYBTGT3-2 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
No CAN#, yet (Andres Salomon).
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-03-14 10:02:12 UTC (rev 2703)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-03-14 10:03:46 UTC (rev 2704)
@@ -81,6 +81,16 @@
incorrect values, and are not strict enough in checking the number of
program headers (Andres Salomon).
+ * [SECURITY] 115-proc_file_read_nbytes_signedness_fix.dpatch
+ Heap overflow fix in /proc; WDYBTGT3-1 on
+ http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
+ No CAN# assigned yet, afaik (Andres Salomon).
+
+ * [SECURITY] 116-n_tty_copy_from_read_buf_signedness_fixes.dpatch
+ copy_from_read_buf() fix; WDYBTGT3-2 on
+ http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
+ No CAN#, yet (Andres Salomon).
+
-- Joshua Kwan <joshk@triplehelix.org> Mon, 14 Mar 2005 00:03:12 -0800
kernel-source-2.6.8 (2.6.8-13) unstable; urgency=high
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/115-proc_file_read_nbytes_signedness_fix.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/115-proc_file_read_nbytes_signedness_fix.dpatch 2005-03-14 10:02:12 UTC (rev 2703)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/115-proc_file_read_nbytes_signedness_fix.dpatch 2005-03-14 10:03:46 UTC (rev 2704)
@@ -0,0 +1,36 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] Fix signed compare in fs/proc/generic.c::proc_file_read()
+## DP: Patch author: guninski@guninski.com
+## DP: Upstream status: backport
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2005/02/02 17:42:38-08:00 guninski@guninski.com
+# [PATCH] Fix signed compare in fs/proc/generic.c::proc_file_read()
+#
+# Acked-by: Marcelo Tosatti <marcelo.tosatti@cyclades.com>
+# Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+#
+# fs/proc/generic.c
+# 2005/01/30 07:58:00-08:00 guninski@guninski.com +1 -1
+# Fix signed compare in fs/proc/generic.c::proc_file_read()
+#
+diff -Nru a/fs/proc/generic.c b/fs/proc/generic.c
+--- a/fs/proc/generic.c 2005-02-14 01:28:32 -08:00
++++ b/fs/proc/generic.c 2005-02-14 01:28:32 -08:00
+@@ -60,7 +60,7 @@
+ return -ENOMEM;
+
+ while ((nbytes > 0) && !eof) {
+- count = min_t(ssize_t, PROC_BLOCK_SIZE, nbytes);
++ count = min_t(size_t, PROC_BLOCK_SIZE, nbytes);
+
+ start = NULL;
+ if (dp->get_info) {
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/116-n_tty_copy_from_read_buf_signedness_fixes.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/116-n_tty_copy_from_read_buf_signedness_fixes.dpatch 2005-03-14 10:02:12 UTC (rev 2703)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/116-n_tty_copy_from_read_buf_signedness_fixes.dpatch 2005-03-14 10:03:46 UTC (rev 2704)
@@ -0,0 +1,45 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] Fix sign checks in copy_from_read_buf()
+## DP: Patch author: guninski@guninski.com
+## DP: Upstream status: backport
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2005/02/02 17:41:06-08:00 guninski@guninski.com
+# [PATCH] Fix sign checks in copy_from_read_buf()
+#
+# Fix signedness and remove the now unnecessary cast.
+#
+# Acked-by: Marcelo Tosatti <marcelo.tosatti@cyclades.com>
+# Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+#
+# drivers/char/n_tty.c
+# 2005/01/30 07:56:05-08:00 guninski@guninski.com +2 -2
+# Fix sign checks in copy_from_read_buf()
+#
+diff -Nru a/drivers/char/n_tty.c b/drivers/char/n_tty.c
+--- a/drivers/char/n_tty.c 2005-02-14 01:28:08 -08:00
++++ b/drivers/char/n_tty.c 2005-02-14 01:28:08 -08:00
+@@ -1143,13 +1143,13 @@
+
+ {
+ int retval;
+- ssize_t n;
++ size_t n;
+ unsigned long flags;
+
+ retval = 0;
+ spin_lock_irqsave(&tty->read_lock, flags);
+ n = min(tty->read_cnt, N_TTY_BUF_SIZE - tty->read_tail);
+- n = min((ssize_t)*nr, n);
++ n = min(*nr, n);
+ spin_unlock_irqrestore(&tty->read_lock, flags);
+ if (n) {
+ mb();
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14 2005-03-14 10:02:12 UTC (rev 2703)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14 2005-03-14 10:03:46 UTC (rev 2704)
@@ -23,3 +23,5 @@
+ nfs-O_DIRECT-fix.dpatch
+ sparc-sunsab-serial-lockup.dpatch
+ 109-binfmt_elf_loader_solar_designer_fixes.dpatch
++ 115-proc_file_read_nbytes_signedness_fix.dpatch
++ 116-n_tty_copy_from_read_buf_signedness_fixes.dpatch