[patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code
@ 2005-03-06 22:21 domen
  2005-03-06 22:32 ` YOSHIFUJI Hideaki / 吉藤英明
  0 siblings, 1 reply; 4+ messages in thread
From: domen @ 2005-03-06 22:21 UTC (permalink / raw)
  To: davem; +Cc: netdev, domen, yrgrknmxpzlk


compile warning cleanup - handle copy_to/from_user error 
returns

Signed-off-by: Stephen Biggs <yrgrknmxpzlk@gawab.com>
Signed-off-by: Domen Puncer <domen@coderock.org>
---


 kj-domen/net/ipv6/ip6_flowlabel.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff -puN net/ipv6/ip6_flowlabel.c~return_code-net_ipv6_ip6_flowlabel net/ipv6/ip6_flowlabel.c
--- kj/net/ipv6/ip6_flowlabel.c~return_code-net_ipv6_ip6_flowlabel	2005-03-05 16:13:10.000000000 +0100
+++ kj-domen/net/ipv6/ip6_flowlabel.c	2005-03-05 16:13:10.000000000 +0100
@@ -537,9 +537,13 @@ release:
 			goto done;
 
 		/* Do not check for fault */
-		if (!freq.flr_label)
-			copy_to_user(&((struct in6_flowlabel_req __user *) optval)->flr_label,
-				     &fl->label, sizeof(fl->label));
+		if (!freq.flr_label) {
+			if (copy_to_user(&((struct in6_flowlabel_req __user *)optval)->flr_label,
+				     &fl->label, sizeof(fl->label))) {
+				err = -EFAULT;
+				goto done;
+			}
+		}
 
 		sfl1->fl = fl;
 		sfl1->next = np->ipv6_fl_list;
_

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code
  2005-03-06 22:21 [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code domen
@ 2005-03-06 22:32 ` YOSHIFUJI Hideaki / 吉藤英明
  2005-03-06 22:38   ` YOSHIFUJI Hideaki / 吉藤英明
  0 siblings, 1 reply; 4+ messages in thread
From: YOSHIFUJI Hideaki / 吉藤英明 @ 2005-03-06 22:32 UTC (permalink / raw)
  To: domen; +Cc: davem, netdev, yrgrknmxpzlk, yoshfuji

In article <20050306222118.401D11ED3D@trashy.coderock.org> (at Sun, 06 Mar 2005 23:21:17 +0100), domen@coderock.org says:

> 
> compile warning cleanup - handle copy_to/from_user error 
> returns

Wrong. You introduce a leak.

>  		/* Do not check for fault */
> -		if (!freq.flr_label)
> -			copy_to_user(&((struct in6_flowlabel_req __user *) optval)->flr_label,
> -				     &fl->label, sizeof(fl->label));

Don't you see the comment: "Do not check for fault?"

--yoshfuji

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code
  2005-03-06 22:32 ` YOSHIFUJI Hideaki / 吉藤英明
@ 2005-03-06 22:38   ` YOSHIFUJI Hideaki / 吉藤英明
  2005-03-07  7:13     ` Stephen Biggs
  0 siblings, 1 reply; 4+ messages in thread
From: YOSHIFUJI Hideaki / 吉藤英明 @ 2005-03-06 22:38 UTC (permalink / raw)
  To: domen; +Cc: davem, netdev, yrgrknmxpzlk, yoshfuji

In article <20050307.073213.32943613.yoshfuji@linux-ipv6.org> (at Mon, 07 Mar 2005 07:32:13 +0900 (JST)), YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@linux-ipv6.org> says:

> In article <20050306222118.401D11ED3D@trashy.coderock.org> (at Sun, 06 Mar 2005 23:21:17 +0100), domen@coderock.org says:
> 
> > 
> > compile warning cleanup - handle copy_to/from_user error 
> > returns
> 
> Wrong. You introduce a leak.

Ah, sorry, not really, but I still think it is wrong:
fl_intern() insert it to hash, and
then you freed up the memory.
I believe this is wrong.

--yoshfuji

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code
  2005-03-06 22:38   ` YOSHIFUJI Hideaki / 吉藤英明
@ 2005-03-07  7:13     ` Stephen Biggs
  0 siblings, 0 replies; 4+ messages in thread
From: Stephen Biggs @ 2005-03-07  7:13 UTC (permalink / raw)
  To: yoshfuji, davem, netdev, yoshfuji, domen

Mr. Hideaki,

Thank you very much (domo arigato gozaimasu) for your feedback.  Please 
see below for my comments.

On 7 Mar 2005 at 7:38, B wrote:

> In article <20050307.073213.32943613.yoshfuji@linux-ipv6.org> (at Mon, 07 Mar 2005 07:32:13 +0900 (JST)), YOSHIFUJI Hideaki /  $B5HF#1QL@ (B <yoshfuji@linux-ipv6.org> says:
> 
> > In article <20050306222118.401D11ED3D@trashy.coderock.org> (at Sun, 06 Mar 2005 23:21:17 +0100), domen@coderock.org says:
> > 
> > > 
> > > compile warning cleanup - handle copy_to/from_user error 
> > > returns
> > 
> > Wrong. You introduce a leak.
> 
> Ah, sorry, not really,

Actually, you are correct.  This is one of my first attempts at a patch 
submittal and this is one of a few patches where I did not check for side 
effects.  I will try very much not to make that same mistake again.

> but I still think it is wrong:
> fl_intern() insert it to hash, and
> then you freed up the memory.
> I believe this is wrong.

Yes, you are completely correct, and thank you for catching this.

I will submit a more correct patch shortly.

> 
> --yoshfuji
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2005-03-07  7:13 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-06 22:21 [patch 4/5] net/ipv6/ip6_flowlabel.c: copy_to_user return code domen
2005-03-06 22:32 ` YOSHIFUJI Hideaki / 吉藤英明
2005-03-06 22:38   ` YOSHIFUJI Hideaki / 吉藤英明
2005-03-07  7:13     ` Stephen Biggs

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).