| commit | c5df59136a55fe08c21d39321679cbb008479edf | |
| author | Roel Kluin <roel.kluin@gmail.com> | |
| Tue, 22 Sep 2009 23:45:54 +0000 (22 16:45 -0700) | ||
| committer | Linus Torvalds <torvalds@linux-foundation.org> | |
| Wed, 23 Sep 2009 14:39:42 +0000 (23 07:39 -0700) | ||
| tree | 1ee4e37aba1555f5558e0eb43d5f7093bc82af98 | treesnapshot (tar.gz zip) |
| parent | a7e3108cca54c105f496919040f00df56767ec00 | commitdiff |
ncpfs: read buffer overflow
This function uses signed integers for the unix_date and local variables -
if a negative number is supplied and the leap-year condition is not met,
month will be 0, leading to a later read of day_n[-1]
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: Petr Vandrovec <VANDROVE@vc.cvut.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This function uses signed integers for the unix_date and local variables -
if a negative number is supplied and the leap-year condition is not met,
month will be 0, leading to a later read of day_n[-1]
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: Petr Vandrovec <VANDROVE@vc.cvut.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| fs/ncpfs/dir.c | diffblobblamehistory |