Re: Linux 2.4.27-rc5

[Geert Uytterhoeven]

On Tue, 3 Aug 2004, Marcelo Tosatti wrote:
> Most importantly this release fixes an exploitable race in file offset handling
> which allows unpriviledged users from potentially reading kernel memory.
> This touches several drivers and generic proc code. This issue is covered by
> CAN-2004-0415.
> Marcelo Tosatti:
>   o Al Viro and others: Fix file offset handling races in several drivers

Breaks the build with gcc 2.95. Trivial fix below:

--- linux-2.4.27-rc5/net/atm/br2684.c.orig	2004-08-04 15:33:22.000000000 +0200
+++ linux-2.4.27-rc5/net/atm/br2684.c	2004-08-04 17:21:16.000000000 +0200
@@ -736,8 +736,9 @@ static ssize_t br2684_proc_read(struct f
 {
 	unsigned long page;
 	int len = 0, x, left;
-	page = get_free_page(GFP_KERNEL);
 	loff_t n = *pos;
+
+	page = get_free_page(GFP_KERNEL);
 	if (!page)
 		return -ENOMEM;
 	left = PAGE_SIZE - 256;

Gr{oetje,eeting}s,

						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
							    -- Linus Torvalds
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/