[PATCH 001/001] /fs/proc/: 'larger than buffer size' memoryaccesses by clear_user()

From: Adam Jerome
Date: Mon Jul 10 2006 - 11:30:58 EST

Next message: Antonino A. Daplas: "Re: [PATCH] Clean up old names in tty code to current names"
Previous message: Matt Reuther: "Re: Depmod errors on 2.6.17.4/2.6.18-rc1/2.6.18-rc1-mm1"
Next in thread: Adam Jerome: "[PATCH 001/001] /fs/proc/: 'larger than buffer size' memoryaccesses by clear_user()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Adam B. Jerome <abj@xxxxxxxxxx>

This patch addresses potential 'larger than buffer size' memory
accesses by clear_user().
Without this patch, this call to clear_user() can attempt to clear too
many (tsz) bytes
resulting in a wrong (-EFAULT) return code by read_kcore().
Signed-off-by: Adam B. Jerome <abj@xxxxxxxxxx>
---

I do not subscribe to the list. Please CC posted answers/comments CC me
<abj@xxxxxxxxxx>.
Thanks; -adam

diff -urpN linux-2.6-git/fs/proc/kcore.c linux-2.6-cur/fs/proc/kcore.c
--- linux-2.6-git/fs/proc/kcore.c 2006-07-07 15:39:23.000000000
-0600
+++ linux-2.6-cur/fs/proc/kcore.c 2006-07-07 16:11:58.000000000
-0600
@@ -384,7 +384,7 @@ read_kcore(struct file *file, char __use
*/
if (n) {
if (clear_user(buffer + tsz -
n,
- tsz -
n))
+ n))
return -EFAULT;
}
} else {

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Antonino A. Daplas: "Re: [PATCH] Clean up old names in tty code to current names"
Previous message: Matt Reuther: "Re: Depmod errors on 2.6.17.4/2.6.18-rc1/2.6.18-rc1-mm1"
Next in thread: Adam Jerome: "[PATCH 001/001] /fs/proc/: 'larger than buffer size' memoryaccesses by clear_user()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]