
[PATCH] /fs/proc/: 'larger than buffer size' memory accessed by clear_user()

Address a potential 'larger than buffer size' memory access by
clear_user().  Without this patch, this call to clear_user() can attempt to
clear too many (tsz) bytes resulting in a wrong (-EFAULT) return code by
read_kcore().

Signed-off-by: Adam B. Jerome <abj@novell.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Adam B. Jerome 19 years ago
parent
commit
0635170b54
1 changed files with 1 additions and 1 deletions

+ 1 - 1
fs/proc/kcore.c

@@ -382,7 +382,7 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos)
 				 */
 				if (n) { 
 					if (clear_user(buffer + tsz - n,
-								tsz - n))
+								n))
 						return -EFAULT;
 				}
 			} else {
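
Review bot: Nothing around the clear_user() call at `if (n) {` documents what n holds, so the relation between the start offset and the length is easy to get wrong again. With the start at buffer + tsz - n, a length of n ends the cleared range exactly at buffer + tsz, while the removed tsz - n ended it at buffer + 2*tsz - 2*n, which runs past the tsz-byte window whenever n is less than half of tsz. Consider a one-line comment above `if (n)` stating that n is the number of trailing bytes of the current tsz-sized chunk that still need zeroing, and folding the call onto a single line, `if (clear_user(buffer + tsz - n, n))`, now that it fits within 80 columns instead of leaving `n))` on a deeply indented continuation line.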