)]}'
{
  "log": [
    {
      "commit": "ce0030c00f95cf9110d9cdcd41e901e1fb814417",
      "tree": "40b124b99205bd469ed156b682d7f0f4e5726e5a",
      "parents": [
        "9ad3bfb9e26197c378d6c239180ed7bcf7c29fd8"
      ],
      "author": {
        "name": "Alexandre SIMON",
        "email": "Alexandre.Simon@univ-lorraine.fr",
        "time": "Fri Feb 01 15:31:54 2013 +0100"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Thu Feb 21 10:04:57 2013 -0800"
      },
      "message": "printk: fix buffer overflow when calling log_prefix function from call_console_drivers\n\nThis patch corrects a buffer overflow in kernels from 3.0 to 3.4 when calling\nlog_prefix() function from call_console_drivers().\n\nThis bug existed in previous releases but has been revealed with commit\n162a7e7500f9664636e649ba59defe541b7c2c60 (2.6.39 \u003d\u003e 3.0) that made changes\nabout how to allocate memory for early printk buffer (use of memblock_alloc).\nIt disappears with commit 7ff9554bb578ba02166071d2d487b7fc7d860d62 (3.4 \u003d\u003e 3.5)\nthat does a refactoring of printk buffer management.\n\nIn log_prefix(), the access to \"p[0]\", \"p[1]\", \"p[2]\" or\n\"simple_strtoul(\u0026p[1], \u0026endp, 10)\" may cause a buffer overflow as this\nfunction is called from call_console_drivers by passing \"\u0026LOG_BUF(cur_index)\"\nwhere the index must be masked to do not exceed the buffer\u0027s boundary.\n\nThe trick is to prepare in call_console_drivers() a buffer with the necessary\ndata (PRI field of syslog message) to be safely evaluated in log_prefix().\n\nThis patch can be applied to stable kernel branches 3.0.y, 3.2.y and 3.4.y.\n\nWithout this patch, one can freeze a server running this loop from shell :\n  $ export DUMMY\u003d`cat /dev/urandom | tr -dc \u002712345AZERTYUIOPQSDFGHJKLMWXCVBNazertyuiopqsdfghjklmwxcvbn\u0027 | head -c255`\n  $ while true do ; echo $DUMMY \u003e /dev/kmsg ; done\n\nThe \"server freeze\" depends on where memblock_alloc does allocate printk buffer :\nif the buffer overflow is inside another kernel allocation the problem may not\nbe revealed, else the server may hangs up.\n\nSigned-off-by: Alexandre SIMON \u003cAlexandre.Simon@univ-lorraine.fr\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n"
    },
    {
      "commit": "d78ca3cd733d8a2c3dcd88471beb1a15d973eed8",
      "tree": "a27ccf86f5f7df3cc987d0203ed0bff2db46db57",
      "parents": [
        "002345925e6c45861f60db6f4fc6236713fd8847"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "kees.cook@canonical.com",
        "time": "Wed Feb 03 15:37:13 2010 -0800"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu Feb 04 14:20:41 2010 +1100"
      },
      "message": "syslog: use defined constants instead of raw numbers\n\nRight now the syslog \"type\" action are just raw numbers which makes\nthe source difficult to follow.  This patch replaces the raw numbers\nwith defined constants for some level of sanity.\n\nSigned-off-by: Kees Cook \u003ckees.cook@canonical.com\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "002345925e6c45861f60db6f4fc6236713fd8847",
      "tree": "d7849eafe1755116597166bbebf43e2bee86cb76",
      "parents": [
        "0719aaf5ead7555b7b7a4a080ebf2826a871384e"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "kees.cook@canonical.com",
        "time": "Wed Feb 03 15:36:43 2010 -0800"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu Feb 04 14:20:12 2010 +1100"
      },
      "message": "syslog: distinguish between /proc/kmsg and syscalls\n\nThis allows the LSM to distinguish between syslog functions originating\nfrom /proc/kmsg access and direct syscalls.  By default, the commoncaps\nwill now no longer require CAP_SYS_ADMIN to read an opened /proc/kmsg\nfile descriptor.  For example the kernel syslog reader can now drop\nprivileges after opening /proc/kmsg, instead of staying privileged with\nCAP_SYS_ADMIN.  MAC systems that implement security_syslog have unchanged\nbehavior.\n\nSigned-off-by: Kees Cook \u003ckees.cook@canonical.com\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}