Tyler Hicks a0d7384148 libceph: Fix NULL pointer dereference in auth client code ... commit 2cb33cac62 upstream. A malicious monitor can craft an auth reply message that could cause a NULL function pointer dereference in the client's kernel. To prevent this, the auth_none protocol handler needs an empty ceph_auth_client_ops->build_request() function. CVE-2013-1059 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Reported-by: Chanam Park <chanam.park@hkpco.kr> Reviewed-by: Seth Arnold <seth.arnold@canonical.com> Reviewed-by: Sage Weil <sage@inktank.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2013-07-13 11:03:40 -07:00
..
crush	crush: fix memory leak when destroying tree buckets	2012-11-26 11:38:03 -08:00
armor.c
auth.c	libceph: wrap auth methods in a mutex	2013-06-20 11:58:47 -07:00
auth_none.c	libceph: Fix NULL pointer dereference in auth client code	2013-07-13 11:03:40 -07:00
auth_none.h
auth_x.c	libceph: wrap auth ops in wrapper functions	2013-06-20 11:58:47 -07:00
auth_x.h	libceph: add update_authorizer auth method	2013-06-20 11:58:46 -07:00
auth_x_protocol.h
buffer.c
ceph_common.c	libceph: remove 'osdtimeout' option	2013-01-17 08:51:20 -08:00
ceph_fs.c
ceph_hash.c
ceph_strings.c
crypto.c	libceph: fix crypto key null deref, memory leak	2012-11-26 11:38:42 -08:00
crypto.h	libceph: fix crypto key null deref, memory leak	2012-11-26 11:38:42 -08:00
debugfs.c	libceph: delay debugfs initialization until we learn global_id	2012-11-26 11:38:43 -08:00
Kconfig
Makefile
messenger.c	libceph: clear messenger auth_retry flag when we authenticate	2013-06-20 11:58:46 -07:00
mon_client.c	libceph: wrap auth ops in wrapper functions	2013-06-20 11:58:47 -07:00
msgpool.c	libceph: initialize msgpool message types	2012-11-26 11:38:38 -08:00
osd_client.c	libceph: wrap auth ops in wrapper functions	2013-06-20 11:58:47 -07:00
osdmap.c	libceph: fix osdmap decode error paths	2013-01-17 08:51:19 -08:00
pagelist.c
pagevec.c