Bugtraq mailing list archives

Linux 2.1.115 devpts bug improved fix

From: dps () IO STARGATE CO UK (Duncan Simpson)
Date: Thu, 13 Aug 1998 20:38:21 +0100


After reading more source code here is a better fix to the
linux 2.1.115 devpts bounds checking bug. This version bears
the precious previous by adding a -ve entry in the cache for
next time.


--- linux/fs/devpts/root.c.dist Thu Aug 13 17:54:17 1998
+++ linux/fs/devpts/root.c      Thu Aug 13 20:33:50 1998
@@ -159,10 +159,12 @@
                        entry += (*p++ - '0');
                }
        }
-
-       dentry->d_inode = sbi->inodes[entry];
-       if ( dentry->d_inode )
-               dentry->d_inode->i_count++;
+       if (entry<sbi->max_ptys) /* Check range of number */
+       {
+               dentry->d_inode = sbi->inodes[entry];
+               if ( dentry->d_inode )
+                       dentry->d_inode->i_count++;
+       }

        d_add(dentry, dentry->d_inode);

Current thread:

Re: Eudora executes (Java) URL, (continued)
- - - Re: Eudora executes (Java) URL John D. Hardin (Aug 11)
    - Cisco IOS software security notice security-alert () cisco com (Aug 12)
    - Re: Eudora executes (Java) URL High Tide (Aug 12)
  - Re: RotoRouter 1.0 - Traceroute log & fake Julian Assange (Aug 11)
  - DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 11)
    - Re: DoS in Flowpoint 2000 DSL routers Tom (Aug 11)
    - Re: DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 12)
    - Linux 2.1.115 oops (demo and fix) Duncan Simpson (Aug 13)
    - Re: Linux 2.1.115 oops (demo and fix) Chris Wedgwood (Aug 13)
    - [rootshell] Security Bulletin #22 DeadSock (Aug 14)
    - Linux 2.1.115 devpts bug improved fix Duncan Simpson (Aug 13)