[Mesa-dev] [PATCH] i965: fix problem with constant out of bounds access (v2)
Kenneth Graunke
kenneth at whitecape.org
Wed May 29 18:43:48 PDT 2013
On 05/29/2013 05:44 PM, Dave Airlie wrote:
> From: Dave Airlie <airlied at redhat.com>
>
> This is my attempt at fixing this as the CVE is making RH security team
> care enough to make me look at this. (please upstream, security fixes are
> more important than whatever else you are doing, if for no other reason than
> it saves me having to fix stuff I've no real clue about).
This is the first I've heard of the CVE. In fact, I still can't see the
CVE because people insist on a horrible secretive process. But I
digress. Thanks for fixing this, Dave.
> Since Frank's original fix was denied, here is my attempt to just
> alias all constants that are out of bounds < 0 or > nr_params to constant 0,
> hopefully this provides the undefined behaviour idr requires..
>
> CVE-2013-1872
>
> v2: drop the last hunk which was a separate fix (now in master).
> hopefully fix the indentations.
>
> Signed-off-by: Dave Airlie <airlied at redhat.com>
NOTE: This is a candidate for stable branches.
Reviewed-by: Kenneth Graunke <kenneth at whitecape.org>
More information about the mesa-dev
mailing list