[PATCH] add check to /proc/devices read routines Patch to add check to get_chrdev_list and get_blkdev_list to prevent reads of /proc/devices from spilling over the provided page if more than 4096 bytes of string data are generated from all the registered character and block devices in a system Signed-off-by: Neil Horman <nhorman@redhat.com> Cc: Christoph Hellwig <hch@lst.de> Cc: <viro@parcelfarce.linux.theplanet.co.uk> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: ac20427ef6aa63da663bdc88b71d16f7394f5e23 [log] [tgz]
author: Neil Horman <nhorman@redhat.com> Thu Jun 23 00:09:11 2005 -0700
committer: Linus Torvalds <torvalds@ppc970.osdl.org> Thu Jun 23 09:45:19 2005 -0700
tree: 49ba4f88c5cea42d59b386c508174f585efc8a01
parent: 3bc1ee3e8f1c05c0f64a479c6d56eb34a6190599 [diff] [blame]
diff --git a/fs/char_dev.c b/fs/char_dev.c
index c1e3537..e82aac9 100644
--- a/fs/char_dev.c
+++ b/fs/char_dev.c

@@ -56,10 +56,21 @@
 
 	down(&chrdevs_lock);
 	for (i = 0; i < ARRAY_SIZE(chrdevs) ; i++) {
-		for (cd = chrdevs[i]; cd; cd = cd->next)
+		for (cd = chrdevs[i]; cd; cd = cd->next) {
+			/*
+			 * if the current name, plus the 5 extra characters
+			 * in the device line for this entry
+			 * would run us off the page, we're done
+			 */
+			if ((len+strlen(cd->name) + 5) >= PAGE_SIZE)
+				goto page_full;
+
+
 			len += sprintf(page+len, "%3d %s\n",
 				       cd->major, cd->name);
+		}
 	}
+page_full:
 	up(&chrdevs_lock);
 
 	return len;
commit	ac20427ef6aa63da663bdc88b71d16f7394f5e23	[log] [tgz]
author	Neil Horman <nhorman@redhat.com>	Thu Jun 23 00:09:11 2005 -0700
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	Thu Jun 23 09:45:19 2005 -0700
tree	49ba4f88c5cea42d59b386c508174f585efc8a01
parent	3bc1ee3e8f1c05c0f64a479c6d56eb34a6190599 [diff] [blame]