sanitize audit_mq_notify() * don't copy_from_user() twice * don't bother with allocations * don't duplicate parts of audit_dummy_context() * make it return void Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

commit: 20114f71b27cafeb7c7e41d2b0f0b68c3fbb022b [log] [tgz]
author: Al Viro <viro@zeniv.linux.org.uk> Wed Dec 10 07:16:12 2008 -0500
committer: Al Viro <viro@zeniv.linux.org.uk> Sun Jan 04 15:14:40 2009 -0500
tree: fcbb481cfec8c11f103ba07dbb08819de3822d80
parent: 7392906ea915b9a2c14dea32b3604b4e178f82f7 [diff]
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 7563611..e7b2f68 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c

@@ -1003,17 +1003,17 @@
 	struct mqueue_inode_info *info;
 	struct sk_buff *nc;
 
-	ret = audit_mq_notify(mqdes, u_notification);
-	if (ret != 0)
-		return ret;
+	if (u_notification) {
+		if (copy_from_user(&notification, u_notification,
+					sizeof(struct sigevent)))
+			return -EFAULT;
+	}
+
+	audit_mq_notify(mqdes, u_notification ? &notification : NULL);
 
 	nc = NULL;
 	sock = NULL;
 	if (u_notification != NULL) {
-		if (copy_from_user(&notification, u_notification,
-					sizeof(struct sigevent)))
-			return -EFAULT;
-
 		if (unlikely(notification.sigev_notify != SIGEV_NONE &&
 			     notification.sigev_notify != SIGEV_SIGNAL &&
 			     notification.sigev_notify != SIGEV_THREAD))
commit	20114f71b27cafeb7c7e41d2b0f0b68c3fbb022b	[log] [tgz]
author	Al Viro <viro@zeniv.linux.org.uk>	Wed Dec 10 07:16:12 2008 -0500
committer	Al Viro <viro@zeniv.linux.org.uk>	Sun Jan 04 15:14:40 2009 -0500
tree	fcbb481cfec8c11f103ba07dbb08819de3822d80
parent	7392906ea915b9a2c14dea32b3604b4e178f82f7 [diff]