[OPERA] Another potential bug in /arch/mips/kernel/sysirix.c

From: Zhenmin Li
Date: Thu May 20 2004 - 17:29:12 EST

Next message: David Mosberger: "Re: [PATCH] fixing sendfile on 64bit architectures"
Previous message: Francois Romieu: "Re: Data loss on IDE drive after crash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We ran our bug detection tool upon Linux 2.6.6, and found some potential
errors.
We would sincerely appreciate your help if anyone can confirm whether they
are bugs or not.

Linux 2.6.6, /arch/mips/kernel/sysirix.c, Line 1642

1634 asmlinkage int irix_statvfs64(char *fname, struct irix_statvfs64 *buf)
1635 {
1636 struct nameidata nd;
1637 struct kstatfs kbuf;
1638 int error, i;
1639
1640 printk("[%s:%d] Wheee.. irix_statvfs(%s,%p)\n",
1641 current->comm, current->pid, fname, buf);
!1642 error = verify_area(VERIFY_WRITE, buf, sizeof(struct
irix_statvfs));
1643 if(error)
1644 goto out;

May be changed to:
1634 asmlinkage int irix_statvfs64(char *fname, struct irix_statvfs64 *buf)
1635 {
1636 struct nameidata nd;
1637 struct kstatfs kbuf;
1638 int error, i;
1639
1640 printk("[%s:%d] Wheee.. irix_statvfs(%s,%p)\n",
1641 current->comm, current->pid, fname, buf);
!1642 error = verify_area(VERIFY_WRITE, buf, sizeof(struct
irix_statvfs64));
1643 if(error)
1644 goto out;

Thanks a lot,
OPERA Research Group
University of Illinois at Urbana-Champaign

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Mosberger: "Re: [PATCH] fixing sendfile on 64bit architectures"
Previous message: Francois Romieu: "Re: Data loss on IDE drive after crash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]