[Applied Oneiric] Re: [PATCH 2/2] [oneiric CVE 2/2] Change check_ruid flag to a more reasonable type
Tim Gardner
tim.gardner at canonical.com
Thu Aug 11 17:28:51 UTC 2011
I don't think this one is strictly necessary since it doesn't change
code behavior, and needlessly diverges from upstream. A uid_t is an
'unsigned int' which is as good as a boolean in this case.
rtg
On 08/11/2011 08:11 AM, Leann Ogasawara wrote:
> Applied to Oneiric master-next and updated commit to note "UBUNTU:
> SAUCE:" for now.
>
> Thanks,
> Leann
>
> On Thu, 2011-08-11 at 00:39 -0700, John Johansen wrote:
>> The first interation of the patch for the check ruid flag at mount time
>> flag returned a full uid. However the revised patch used the check_ruid
>> parameter solely as a boolean flag, but missed fixing the parameters type.
>>
>> Change the parameter type to int instead of uid_t.
>>
>> CVE-2011-1833
>> BugLink: http://bugs.launchpad.net/bugs/732628
>>
>> Signed-off-by: John Johansen<john.johansen at canonical.com>
>> ---
>> fs/ecryptfs/main.c | 5 ++---
>> 1 files changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
>> index 703cda3..27df5b5 100644
>> --- a/fs/ecryptfs/main.c
>> +++ b/fs/ecryptfs/main.c
>> @@ -255,7 +255,7 @@ static void ecryptfs_init_mount_crypt_stat(
>> * Returns zero on success; non-zero on error
>> */
>> static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options,
>> - uid_t *check_ruid)
>> + int *check_ruid)
>> {
>> char *p;
>> int rc = 0;
>> @@ -484,8 +484,7 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags
>> const char *err = "Getting sb failed";
>> struct inode *inode;
>> struct path path;
>> - uid_t check_ruid;
>> - int rc;
>> + int rc, check_ruid;
>>
>> sbi = kmem_cache_zalloc(ecryptfs_sb_info_cache, GFP_KERNEL);
>> if (!sbi) {
>> --
>> 1.7.5.4
>>
>>
>
>
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list