Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0635170b authored by Adam B. Jerome's avatar Adam B. Jerome Committed by Linus Torvalds
Browse files

[PATCH] /fs/proc/: 'larger than buffer size' memory accessed by clear_user() 



Address a potential 'larger than buffer size' memory access by
clear_user().  Without this patch, this call to clear_user() can attempt to
clear too many (tsz) bytes resulting in a wrong (-EFAULT) return code by
read_kcore().

Signed-off-by: default avatarAdam B. Jerome <abj@novell.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 232ba9db

fs/proc/kcore.c

+1 −1
Original line number Diff line number Diff line
@@ -382,7 +382,7 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos) 
				 */

				if (n) { 

					if (clear_user(buffer + tsz - n,

								tsz - n))

								n))

						return -EFAULT;

				}

			} else {