提交 0635170b 编写于 作者: A Adam B. Jerome 提交者: Linus Torvalds

[PATCH] /fs/proc/: 'larger than buffer size' memory accessed by clear_user()

Address a potential 'larger than buffer size' memory access by
clear_user().  Without this patch, this call to clear_user() can attempt to
clear too many (tsz) bytes resulting in a wrong (-EFAULT) return code by
read_kcore().
Signed-off-by: NAdam B. Jerome <abj@novell.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 232ba9db
......@@ -382,7 +382,7 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos)
*/
if (n) {
if (clear_user(buffer + tsz - n,
tsz - n))
n))
return -EFAULT;
}
} else {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册