Re: [PATCH 1/2] strndup_user, convert (module)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 15 Feb 2006 18:23:06 -0300 Davi Arnaut wrote:

> Convert kernel/module.c string duplication to strdup_user()
> 
> Signed-off-by: Davi Arnaut <[email protected]>
> --
> 
> diff --git a/kernel/module.c b/kernel/module.c
> index 5aad477..d7d428d 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -1538,7 +1538,6 @@ static struct module *load_module(void _
>  	unsigned int i, symindex = 0, strindex = 0, setupindex, exindex,
>  		exportindex, modindex, obsparmindex, infoindex, gplindex,
>  		crcindex, gplcrcindex, versindex, pcpuindex;
> -	long arglen;
>  	struct module *mod;
>  	long err = 0;
>  	void *percpu = NULL, *ptr = NULL; /* Stops spurious gcc warning */
> @@ -1655,23 +1654,11 @@ static struct module *load_module(void _
>  	}
>  
>  	/* Now copy in args */
> -	arglen = strlen_user(uargs);
> -	if (!arglen) {
> -		err = -EFAULT;
> -		goto free_hdr;
> -	}
> -	args = kmalloc(arglen, GFP_KERNEL);
> -	if (!args) {
> -		err = -ENOMEM;
> +	args = strdup_user(uargs);

Before your changes the args string was limited by the maximum size
supported by kmalloc(); you have changed the limit to 4096 hardcoded
inside strdup_user(), which is much lower.

> +	if (IS_ERR(args)) {
> +		err = PTR_ERR(args);
>  		goto free_hdr;
>  	}
> -	if (copy_from_user(args, uargs, arglen) != 0) {
> -		err = -EFAULT;
> -		goto free_mod;
> -	}
> -
> -	/* Userspace could have altered the string after the strlen_user() */
> -	args[arglen - 1] = '\0';
>  
>  	if (find_module(mod->name)) {
>  		err = -EEXIST;

Attachment: pgpbm2mkb4slz.pgp
Description: PGP signature

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux