From: Adam B. Jerome <[email protected]>
This patch addresses potential 'larger than buffer size' memory accesses by clear_user().
Without this patch, this call to clear_user() can attempt to clear too many (tsz) bytes
resulting in a wrong (-EFAULT) return code by read_kcore().
Signed-off-by: Adam B. Jerome <[email protected]>
---
I do not subscribe to the list. Please CC posted answers/comments CC me <[email protected]>.
Thanks; -adam
diff -urpN linux-2.6-git/fs/proc/kcore.c linux-2.6-cur/fs/proc/kcore.c
--- linux-2.6-git/fs/proc/kcore.c 2006-07-07 15:39:23.000000000 -0600
+++ linux-2.6-cur/fs/proc/kcore.c 2006-07-07 16:11:58.000000000 -0600
@@ -384,7 +384,7 @@ read_kcore(struct file *file, char __use
*/
if (n) {
if (clear_user(buffer + tsz - n,
- tsz - n))
+ n))
return -EFAULT;
}
} else {
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]