diff options
| author | Chen Gang <[email protected]> | 2013-07-03 15:02:36 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2013-07-03 16:07:31 -0700 |
| commit | 9bde916bc73255dcee3d8aded990443675daa707 (patch) | |
| tree | 5f8487f28ba847ff7b7ddf1df6493ba20d555ebd | |
| parent | dacbde0963d62a4962d5e8a5cc38dfd1f016124b (diff) | |
mm/nommu.c: add additional check for vread() just like vwrite() has done
vwrite() checks for overflow. vread() should do the same thing.
Since vwrite() checks the source buffer address, vread() should check
the destination buffer address.
Signed-off-by: Chen Gang <[email protected]>
Cc: Al Viro <[email protected]>
Cc: Michel Lespinasse <[email protected]>
Cc: Rik van Riel <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
| -rw-r--r-- | mm/nommu.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/mm/nommu.c b/mm/nommu.c index 298884dcd6e7..1898b2fe9da5 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -282,6 +282,10 @@ EXPORT_SYMBOL(vmalloc_to_pfn); long vread(char *buf, char *addr, unsigned long count) { + /* Don't allow overflow */ + if ((unsigned long) buf + count < count) + count = -(unsigned long) buf; + memcpy(buf, addr, count); return count; } |