Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 2b75bc9121e54e22537207b47b71373bcb0be41c
commit2b75bc9121e54e22537207b47b71373bcb0be41c[log] [tgz]
authorSasha Levin <levinsasha928@gmail.com>Sun Sep 09 16:16:58 2012 +0200
committerDavid Teigland <teigland@redhat.com>Mon Sep 10 09:50:27 2012 -0500
tree1b2778a163dedd71cd968b3b4e1d2049b5a86319
parent9c5bef5849c9fde1a37ac005299f759440cbaf4c [diff]
dlm: check the maximum size of a request from user

device_write only checks whether the request size is big enough, but it doesn't
check if the size is too big.

At that point, it also tries to allocate as much memory as the user has requested
even if it's too much. This can lead to OOM killer kicking in, or memory corruption
if (count + 1) overflows.

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: David Teigland <teigland@redhat.com>
1 file changed
tree: 1b2778a163dedd71cd968b3b4e1d2049b5a86319
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS