11.1.0-34: Difference between revisions
Emufan4568 (talk | contribs) mNo edit summary |
|||
| (One intermediate revision by one other user not shown) | |||
| Line 22: | Line 22: | ||
* L_fff1c730, prev ver @ L_fff1c6f0. | * L_fff1c730, prev ver @ L_fff1c6f0. | ||
* L_fff26410, prev ver @ L_fff26394. | * L_fff26410, prev ver @ L_fff26394. | ||
All three functions now prevent negative chunk sizes to be used, which could have been used with hypotetical kernel-memory-read vulnerabilities to exploit the memory-management code. | |||
The first function ("validateChunk") now makes sure that: | The first function ("validateChunk") now makes sure that: | ||
| Line 36: | Line 38: | ||
if(chunkSizeInPages >= regionSize >> 12 || regionBase + regionSize < chunk + chunkSize) panic; | if(chunkSizeInPages >= regionSize >> 12 || regionBase + regionSize < chunk + chunkSize) panic; | ||
// ... | // ... | ||
if(leftChunk && leftChunk + leftChunkSize <= leftChunk) panic; | if(leftChunk && leftChunk + leftChunkSize <= leftChunk) panic; // this check was already done on 'right' | ||
====FIRM-modules==== | ====FIRM-modules==== | ||
| Line 99: | Line 101: | ||
* [https://yls8.mtheall.com/ninupdates/reports.php?date=09-13-16_12-05-19&sys=ctr] | * [https://yls8.mtheall.com/ninupdates/reports.php?date=09-13-16_12-05-19&sys=ctr] | ||
* [https://yls8.mtheall.com/ninupdates/reports.php?date=09-13-16_12-05-28&sys=ktr] | * [https://yls8.mtheall.com/ninupdates/reports.php?date=09-13-16_12-05-28&sys=ktr] | ||
[[Category:Firmware Versions]] | |||