]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e0c15f4) | patch
Ensure that dirent's d_off field is initialized
authorMark Johnston <markj@FreeBSD.org>
Sun, 3 Jan 2021 16:32:30 +0000 (11:32 -0500)
committerEd Maste <emaste@FreeBSD.org>
Fri, 29 Jan 2021 00:59:18 +0000 (19:59 -0500)
commit66ace87da47b8036dd8ac2ab2e66ab0042c0d252
tree41ca02693749518758de8d7972b94aa262ca2981tree | snapshot
parente0c15f45abd4bd5165e11b557a8c90d0faf5cfebcommit | diff
Ensure that dirent's d_off field is initialized

We have the d_off field in struct dirent for providing the seek offset
of the next directory entry.  Several filesystems were not initializing
the field, which ends up being copied out to userland.

Reported by: Syed Faraz Abrar <faraz@elttam.com>
Reviewed by: kib

(cherry picked from commit 90f580b954090e669da234f6c8e8d0379ff9d8bc)
(cherry picked from commit acaac0eefa1f2675dfc49faa077e3fb10949d540)

Approved by: so
Security: CVE-2020-25578
sys/fs/autofs/autofs_vnops.c diff | blob | history
sys/fs/smbfs/smbfs_io.c diff | blob | history
sys/fs/tmpfs/tmpfs_subr.c diff | blob | history
sys/kern/uipc_mqueue.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.