Package: blktrace / 1.1.0-2+deb9u1

cve-2018-10689.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Last-Update: 2018-05-16
Forwarded: yes
Author: Jens Axboe <axboe@kernel.dk>
Description: fix CVE-2018-10689: make device/devno use PATH_MAX to avoid overflow.  Patch from https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7

diff --git a/btt/devmap.c b/btt/devmap.c
index 0553a9e..5fc1cb2 100644
--- a/btt/devmap.c
+++ b/btt/devmap.c
@@ -23,7 +23,7 @@

 struct devmap {
 	struct list_head head;
-	char device[32], devno[32];
+	char device[PATH_MAX], devno[PATH_MAX];
 };

 LIST_HEAD(all_devmaps);