mm/nommu.c: add additional check for vread() just like vwrite() has done vwrite() checks for overflow. vread() should do the same thing. Since vwrite() checks the source buffer address, vread() should check the destination buffer address. Signed-off-by: Chen Gang <gang.chen@asianux.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Michel Lespinasse <walken@google.com> Cc: Rik van Riel <riel@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: 9bde916bc73255dcee3d8aded990443675daa707 [log] [tgz]
author: Chen Gang <gang.chen@asianux.com> Wed Jul 03 15:02:36 2013 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> Wed Jul 03 16:07:31 2013 -0700
tree: 5f8487f28ba847ff7b7ddf1df6493ba20d555ebd
parent: dacbde0963d62a4962d5e8a5cc38dfd1f016124b [diff] [blame]
diff --git a/mm/nommu.c b/mm/nommu.c
index 298884d..1898b2fe 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c

@@ -282,6 +282,10 @@
 
 long vread(char *buf, char *addr, unsigned long count)
 {
+	/* Don't allow overflow */
+	if ((unsigned long) buf + count < count)
+		count = -(unsigned long) buf;
+
 	memcpy(buf, addr, count);
 	return count;
 }
commit	9bde916bc73255dcee3d8aded990443675daa707	[log] [tgz]
author	Chen Gang <gang.chen@asianux.com>	Wed Jul 03 15:02:36 2013 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	Wed Jul 03 16:07:31 2013 -0700
tree	5f8487f28ba847ff7b7ddf1df6493ba20d555ebd
parent	dacbde0963d62a4962d5e8a5cc38dfd1f016124b [diff] [blame]