File: cve-2018-10689

package info (click to toggle)
blktrace 1.2.0-5
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, buster
  • size: 7,220 kB
  • sloc: ansic: 16,704; python: 355; makefile: 215; sh: 31
file content (16 lines) | stat: -rw-r--r-- 492 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
 
Last-Update: 2018-05-16
Forwarded: yes
Author: Jens Axboe <axboe@kernel.dk>
Description: fix CVE-2018-10689: make device/devno use PATH_MAX to avoid overflow.  Patch from https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7

--- a/btt/devmap.c
+++ b/btt/devmap.c
@@ -23,7 +23,7 @@

 struct devmap {
 	struct list_head head;
-	char device[32], devno[32];
+	char device[PATH_MAX], devno[PATH_MAX];
 };

 LIST_HEAD(all_devmaps);