Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 2886a8bdfa007053b414ab01741a98c18c376a85
commit2886a8bdfa007053b414ab01741a98c18c376a85[log] [tgz]
authorArjan van de Ven <arjan@infradead.org>Mon Dec 14 18:00:11 2009 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>Tue Dec 15 08:53:25 2009 -0800
tree6b3d10c16393da65f271fe7865feb4bae97e7674
parentfaa7b7ddca14887ac037f585d2fac7ca6c57037e [diff]
floppy: Add an extra bound check on ioctl arguments

gcc is not convinced that the floppy.c ioctl has sufficient bound checks:

In function `copy_from_user',
    inlined from `fd_copyin' at drivers/block/floppy.c:3080,
    inlined from `fd_ioctl' at drivers/block/floppy.c:3503:
    arch/x86/include/asm/uaccess_32.h:211:
warning: call to `copy_from_user_overflow' declared with attribute
warning: copy_from_user buffer size is not provably correct

And frankly, as a human I have a hard time proving the same more or less
(the size comes from the ioctl argument.  humpf.  maybe.  the code isn't
very nice)

This patch adds an explicit check to make 100% sure it's safe, better than
finding out later that there indeed was a gap.

[akpm@linux-foundation.org: add WARN_ON()]
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 file changed
tree: 6b3d10c16393da65f271fe7865feb4bae97e7674
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS