d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9fe3e6c023
freebsd-dev/sys
History
Jung-uk Kim 9fe3e6c023 Fix a use-after-free bug for extended IRQ resource[1]. When _PRS buffer is 
copied as a template for _SRS, a string pointer for descriptor name is also
copied and it becomes stale as soon as it gets de-allocated[2].  Now _CRS is
used as a template for _SRS as ACPI specification suggests if it is usable.
The template from _PRS is still utilized but only when _CRS is not available
or broken.  To avoid use-after-free the problem in this case, however, only
mandatory fields are copied, optional data is removed, and structure length
is adjusted accordingly.

Reported by:	hps[1]
Analyzed by:	avg[2]
Tested by:	hps
2010-11-05 19:50:09 +00:00
..
amd64 Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
arm Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
boot Partially revert r203829; as it turns out what the PowerPC OFW loader did 2010-10-29 20:42:02 +00:00
bsm
cam Make da driver to handle some probably broken Android devices, returning 2010-10-24 18:53:16 +00:00
cddl Bugfix merge from OpenSolaris: 2010-10-26 15:48:03 +00:00
compat Remove 4.x, 5.x and 6.x compatibility bits. 2010-11-04 18:43:57 +00:00
conf Shorten long lines. 2010-11-02 05:39:57 +00:00
contrib Merge ACPICA 20101013. 2010-10-13 21:37:02 +00:00
crypto Change two missed instances of 'retq' in aeskeys_i386.S to 'retl', which 2010-10-13 17:55:53 +00:00
ddb
dev Fix a use-after-free bug for extended IRQ resource[1]. When _PRS buffer is 2010-11-05 19:50:09 +00:00
fs Modify nfs_open() in the experimental NFS client to be compatible 2010-10-29 13:46:21 +00:00
gdb there must be only one SYSINIT with SI_SUB_RUN_SCHEDULER+SI_ORDER_ANY order 2010-09-30 17:05:23 +00:00
geom Extend the g_eventlock mutex coverage in one_event() to include setting 2010-11-03 16:19:35 +00:00
gnu The r184588 changed the layout of struct export_args, causing an ABI 2010-10-10 07:05:47 +00:00
i386 Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
ia64 Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
isa bus_add_child: change type of order parameter to u_int 2010-09-10 11:19:03 +00:00
kern Remove 'softclock_ih' as it is no longer used. 2010-11-03 15:38:52 +00:00
kgssapi
libkern Make the RPC specific __rpc_inet_ntop() and __rpc_inet_pton() general 2010-09-24 15:01:45 +00:00
mips Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
modules Add a driver for the Apple Uninorth AGP host bridge found in all PowerPC 2010-10-31 18:27:05 +00:00
net Sync DLTs with the latest pcap version. 2010-10-29 18:41:09 +00:00
net80211 Fix an undefined behaviour if the desired ratectl algo is not available. 2010-10-19 18:49:26 +00:00
netatalk
netgraph When calling panic(), always pass a format string. 2010-10-13 17:21:21 +00:00
netinet Don't spam the console with loaded modules during boot and/or during 2010-11-03 21:10:12 +00:00
netinet6 Make the IPsec SADB embedded route cache a union to be able to hold both the 2010-10-23 20:35:40 +00:00
netipsec Announce both IPsec and UDP Encap (NAT-T) if available for 2010-10-30 18:52:44 +00:00
netipx
netnatm
netncp
netsmb
nfs Fix the type of the 3rd argument for nm_getinfo so that it works 2010-10-19 11:55:58 +00:00
nfsclient Add missing "readahead" to the nfs_opts list. 2010-10-27 14:08:37 +00:00
nfsserver When readdirplus() is handled on the exported filesystem that does 2010-10-19 08:55:31 +00:00
nlm Modify the NFS clients and the NLM so that the NLM can be used 2010-10-19 00:20:00 +00:00
opencrypto Add support for AES-XTS. 2010-09-23 11:52:32 +00:00
pc98 Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
pci Add simple MAC statistics counter reading support. Unfortunately 2010-11-05 19:28:00 +00:00
powerpc Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
rpc Fix the krpc so that it can handle NFSv3,UDP mounts with a read/write 2010-10-13 00:57:14 +00:00
security Add missing DTrace probe invocation to mac_vnode_check_open; the probe 2010-10-23 16:59:39 +00:00
sparc64 Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
sun4v Adjust the order of operations in spinlock_enter() and spinlock_exit() to 2010-11-05 13:42:58 +00:00
sys Remove 'softclock_ih' as it is no longer used. 2010-11-03 15:38:52 +00:00
teken Partially implement the mysterious cons25 \e[x escape sequence. 2010-11-05 00:56:21 +00:00
tools Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
ufs Bring vfs.ufs.dirhash_maxmem into the age of the fruitbat and make it 2010-10-25 21:46:23 +00:00
vm Update startup_alloc() to support multi-page allocations and allow internal 2010-11-04 15:33:50 +00:00
x86 Cosmetic change to revert one of my earlier ones. 2010-11-02 20:16:41 +00:00
xdr
xen Improve the Xen para-virtualized device infrastructure of FreeBSD: 2010-10-19 20:53:30 +00:00
Makefile