* [PATCH] char: ip2: check put_user() result
@ 2010-07-29 15:55 Kulikov Vasiliy
2010-07-29 16:13 ` Alan Cox
0 siblings, 1 reply; 2+ messages in thread
From: Kulikov Vasiliy @ 2010-07-29 15:55 UTC (permalink / raw)
To: kernel-janitors
Cc: Michael H. Warfield, Greg Kroah-Hartman, Rakib Mullick,
Andrew Morton, Ben Hutchings, linux-kernel
put_user()/copy_to_user() may fail, if so return -EFAULT.
Signed-off-by: Kulikov Vasiliy <segooon@gmail.com>
---
drivers/char/ip2/ip2main.c | 16 ++++++++--------
1 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/drivers/char/ip2/ip2main.c b/drivers/char/ip2/ip2main.c
index 07f3ea3..3f70a05 100644
--- a/drivers/char/ip2/ip2main.c
+++ b/drivers/char/ip2/ip2main.c
@@ -2813,9 +2813,9 @@ DumpTraceBuffer ( char __user *pData, int count )
return -EIO;
}
rc = put_user(tracewrap, pIndex );
- rc = put_user(TRACEMAX, ++pIndex );
- rc = put_user(tracestrip, ++pIndex );
- rc = put_user(tracestuff, ++pIndex );
+ rc |= put_user(TRACEMAX, ++pIndex);
+ rc |= put_user(tracestrip, ++pIndex);
+ rc |= put_user(tracestuff, ++pIndex);
pData += sizeof(int) * 6;
count -= sizeof(int) * 6;
@@ -2828,7 +2828,7 @@ DumpTraceBuffer ( char __user *pData, int count )
}
chunk = TRACEMAX - tracestrip;
if ( dumpcount > chunk ) {
- rc = copy_to_user(pData, &tracebuf[tracestrip],
+ rc |= copy_to_user(pData, &tracebuf[tracestrip],
chunk * sizeof(tracebuf[0]) );
pData += chunk * sizeof(tracebuf[0]);
tracestrip = 0;
@@ -2836,15 +2836,15 @@ DumpTraceBuffer ( char __user *pData, int count )
} else {
chunk = dumpcount;
}
- rc = copy_to_user(pData, &tracebuf[tracestrip],
+ rc |= copy_to_user(pData, &tracebuf[tracestrip],
chunk * sizeof(tracebuf[0]) );
tracestrip += chunk;
tracewrap = 0;
- rc = put_user(tracestrip, ++pIndex );
- rc = put_user(tracestuff, ++pIndex );
+ rc |= put_user(tracestrip, ++pIndex);
+ rc |= put_user(tracestuff, ++pIndex);
- return dumpcount;
+ return rc ? -EFAULT : dumpcount;
#else
return 0;
#endif
--
1.7.0.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] char: ip2: check put_user() result
2010-07-29 15:55 [PATCH] char: ip2: check put_user() result Kulikov Vasiliy
@ 2010-07-29 16:13 ` Alan Cox
0 siblings, 0 replies; 2+ messages in thread
From: Alan Cox @ 2010-07-29 16:13 UTC (permalink / raw)
To: Kulikov Vasiliy
Cc: kernel-janitors, Michael H. Warfield, Greg Kroah-Hartman,
Rakib Mullick, Andrew Morton, Ben Hutchings, linux-kernel
O> - return dumpcount;
> + return rc ? -EFAULT : dumpcount;
This is actually at least as wrong as before.
The standards say that if you successfully return some data you should
report the bytes returned. Normally it doesn't matter much because the
data has not been 'lost' when it gets called again.
If you actually remove the data from the queue it ought to be getting
reported with a suitable length.
Alan
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-07-29 16:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-07-29 15:55 [PATCH] char: ip2: check put_user() result Kulikov Vasiliy
2010-07-29 16:13 ` Alan Cox
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox