SVNews r330880

NOTE: This service is experimental and subject to change! Use at your own risk!

2018-03-13 20:39:06 - r330880 by brooks (Brooks Davis)

Complete list of files affected by revision r330880:

(Note: At the moment, these links point to ViewVC on They are probably slow. Do not overuse.)

  History   Contents   Diff   MODIFY   /head/sys/dev/md/md.c  

Commit message:

Don't overflow the kernel struct mdio in the MDIOCLIST ioctl.

Always terminate the list with -1 and document the ioctl behavior.
This preserves existing behavior as seen from userspace with the
addition of the unconditional termination which will not be seen by
working consumers of MDIOCLIST.

Because this ioctl can only be performed by root (in default
configurations) and is not used in the base system this bug is not
deemed to warrant either a security advisory or an eratta notice.

Reviewed by: kib
Obtained from: CheriBSD
Discussed with: security-officer (gordon)
MFC after: 3 days
Security: kernel heap buffer overflow
Sponsored by: DARPA, AFRL
Differential Revision:


Powered by Python FreeBSD support by secnetix GmbH & Co. KG

Page generated in 29 ms, 1 file printed. Current time is 2018-03-18 09:30:03. All times are in UTC/GMT.