[Applied Oneiric] Re: [PATCH 2/2] [oneiric CVE 2/2] Change check_ruid flag to a more reasonable type

Leann Ogasawara leann.ogasawara at canonical.com
Thu Aug 11 14:11:34 UTC 2011


Applied to Oneiric master-next and updated commit to note "UBUNTU:
SAUCE:" for now.

Thanks,
Leann

On Thu, 2011-08-11 at 00:39 -0700, John Johansen wrote:
> The first interation of the patch for the check ruid flag at mount time
> flag returned a full uid.  However the revised patch used the check_ruid
> parameter solely as a boolean flag, but missed fixing the parameters type.
> 
> Change the parameter type to int instead of uid_t.
> 
> CVE-2011-1833
> BugLink: http://bugs.launchpad.net/bugs/732628
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> ---
>  fs/ecryptfs/main.c |    5 ++---
>  1 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
> index 703cda3..27df5b5 100644
> --- a/fs/ecryptfs/main.c
> +++ b/fs/ecryptfs/main.c
> @@ -255,7 +255,7 @@ static void ecryptfs_init_mount_crypt_stat(
>   * Returns zero on success; non-zero on error
>   */
>  static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options,
> -				  uid_t *check_ruid)
> +				  int *check_ruid)
>  {
>  	char *p;
>  	int rc = 0;
> @@ -484,8 +484,7 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags
>  	const char *err = "Getting sb failed";
>  	struct inode *inode;
>  	struct path path;
> -	uid_t check_ruid;
> -	int rc;
> +	int rc, check_ruid;
>  
>  	sbi = kmem_cache_zalloc(ecryptfs_sb_info_cache, GFP_KERNEL);
>  	if (!sbi) {
> -- 
> 1.7.5.4
> 
> 






More information about the kernel-team mailing list