[PATCH] fix unsigned issue with env_end - env_start

From: Chris Wright <chrisw@osdl.org> Fix for CAN-2003-0462: A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

[PATCH] fix unsigned issue with env_end - env_start
From: Chris Wright <chrisw@osdl.org> Fix for CAN-2003-0462: A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
d585d2c0 · Andrew Morton · Linus Torvalds · 02c541ec · d585d2c0
Commit d585d2c0 authored Dec 29, 2003 by Andrew Morton Committed by Linus Torvalds Dec 29, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

fs/proc/base.c fs/proc/base.c +2 -2

No files found.
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -282,7 +282,7 @@ static int proc_pid_environ(struct task_struct *task, char * buffer)
 	int res = 0;
 	struct mm_struct *mm = get_task_mm(task);
 	if (mm) {
-		int len = mm->env_end - mm->env_start;
+		unsigned int len = mm->env_end - mm->env_start;
 		if (len > PAGE_SIZE)
 			len = PAGE_SIZE;
 		res = access_process_vm(task, mm->env_start, buffer, len, 0);
@@ -294,7 +294,7 @@ static int proc_pid_environ(struct task_struct *task, char * buffer)
 static int proc_pid_cmdline(struct task_struct *task, char * buffer)
 {
 	int res = 0;
-	int len;
+	unsigned int len;
 	struct mm_struct *mm = get_task_mm(task);
 	if (!mm)
 		goto out;