Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / f45655f6a65538237359abce55edab9cfcc6d82f
commitf45655f6a65538237359abce55edab9cfcc6d82f[log] [tgz]
authorHeiko Carstens <heiko.carstens@de.ibm.com>Thu Feb 21 13:30:42 2013 +0100
committerMartin Schwidefsky <schwidefsky@de.ibm.com>Thu Feb 28 09:37:08 2013 +0100
treebf392ffe658ae512ed992ff24a3b6f5a32c092f7
parentd7b788cd06a3080ebf0b2f5f2e008d4fda2b336e [diff]
s390/uaccess: fix strncpy_from_user/strnlen_user zero maxlen case

If the maximum length specified for the to be accessed string for
strncpy_from_user() and strnlen_user() is zero the following incorrect
values would be returned or incorrect memory accesses would happen:

strnlen_user_std() and strnlen_user_pt() incorrectly return "1"
strncpy_from_user_pt() would incorrectly access "dst[maxlen - 1]"
strncpy_from_user_mvcos() would incorrectly return "-EFAULT"

Fix all these oddities by adding early checks.

Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
3 files changed
tree: bf392ffe658ae512ed992ff24a3b6f5a32c092f7
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS