On 05/29/2013 05:44 PM, Dave Airlie wrote:
From: Dave Airlie <airl...@redhat.com>
This is my attempt at fixing this as the CVE is making RH security team
care enough to make me look at this. (please upstream, security fixes are
more important than whatever else you are doing, if for no other reason than
it saves me having to fix stuff I've no real clue about).
This is the first I've heard of the CVE. In fact, I still can't see the
CVE because people insist on a horrible secretive process. But I
digress. Thanks for fixing this, Dave.
Since Frank's original fix was denied, here is my attempt to just
alias all constants that are out of bounds < 0 or > nr_params to constant 0,
hopefully this provides the undefined behaviour idr requires..
CVE-2013-1872
v2: drop the last hunk which was a separate fix (now in master).
hopefully fix the indentations.
Signed-off-by: Dave Airlie <airl...@redhat.com>
NOTE: This is a candidate for stable branches.
Reviewed-by: Kenneth Graunke <kenn...@whitecape.org>
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
