Commit 4d580698 authored by Andrew Morton's avatar Andrew Morton Committed by James Bottomley

[PATCH] usercopy checks in old_readdir()

Fix up some unchecked copy_to_user()s
parent de88f07f
...@@ -72,11 +72,16 @@ static int fillonedir(void * __buf, const char * name, int namlen, loff_t offset ...@@ -72,11 +72,16 @@ static int fillonedir(void * __buf, const char * name, int namlen, loff_t offset
return -EINVAL; return -EINVAL;
buf->count++; buf->count++;
dirent = buf->dirent; dirent = buf->dirent;
put_user(ino, &dirent->d_ino); if (!access_ok(VERIFY_WRITE, (unsigned long)dirent,
put_user(offset, &dirent->d_offset); (unsigned long)(dirent->d_name + namlen + 1) -
put_user(namlen, &dirent->d_namlen); (unsigned long)dirent))
copy_to_user(dirent->d_name, name, namlen); return -EFAULT;
put_user(0, dirent->d_name + namlen); if ( __put_user(ino, &dirent->d_ino) ||
__put_user(offset, &dirent->d_offset) ||
__put_user(namlen, &dirent->d_namlen) ||
__copy_to_user(dirent->d_name, name, namlen) ||
__put_user(0, dirent->d_name + namlen))
return -EFAULT;
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment