seq_file: disallow extremely large seq buffer allocations
commit 8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b upstream.
There is no reasonable need for a buffer larger than this, and it avoids
int overflow pitfalls.
Fixes: 058504edd0
("fs/seq_file: fallback to vmalloc allocation")
Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
Reported-by: Qualys Security Advisory <qsa@qualys.com>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
b33aa0dbd7
commit
174c34d9cd
|
@ -32,6 +32,9 @@ static void seq_set_overflow(struct seq_file *m)
|
|||
|
||||
static void *seq_buf_alloc(unsigned long size)
|
||||
{
|
||||
if (unlikely(size > MAX_RW_COUNT))
|
||||
return NULL;
|
||||
|
||||
return kvmalloc(size, GFP_KERNEL_ACCOUNT);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user