Re: mpol_to_str revisited.
From: Ben Hutchings <hidden>
Date: 2012-10-09 00:33:22
Also in:
lkml
On Mon, 2012-10-08 at 11:09 -0400, Dave Jones wrote:
> Last month I sent in 80de7c3138ee9fd86a98696fd2cf7ad89b995d0a to remove a user triggerable BUG in mempolicy.
>
> Ben Hutchings pointed out to me that my change introduced a potential leak of stack contents to userspace, because none of the callers check the return value.
>
> This patch adds the missing return checking, and also clears the buffer beforehand.
>
> Reported-by: Ben Hutchings <redacted>

I was wearing my other hat at the time (ben@decadent.org.uk).

> Cc: stable@kernel.org
> Signed-off-by: Dave Jones <redacted>
> ---
> unanswered question: why are the buffer sizes here different? which is correct?

[...]

Further question: why even use an intermediate buffer on the stack? Both callers want to write the result to a seq_file. Should mpol_str() then be replaced with a seq_mpol()?

Ben.

-- 
Ben Hutchings
Who are all these weirdos? - David Bowie, about L-Space IRC channel #afp
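
The caller pattern discussed in this thread, modelled in userspace C as an added example (not kernel code and not taken from the patch): a formatter that fails without writing its buffer, one caller that ignores the result and one that clears the buffer and checks it. `fmt_policy`, `show_unchecked`, `show_checked` and `STALE` are hypothetical names, and the leftover stack contents are simulated with a constructed string so the run is deterministic.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define STALE "stale-stack-bytes" /* constructed stand-in for leftover stack data */

/* Hypothetical formatter: on an unknown mode it fails and leaves buf untouched. */
static int fmt_policy(char *buf, size_t len, int mode)
{
    static const char *const names[] = { "default", "prefer", "bind", "interleave" };

    if (mode < 0 || mode >= (int)(sizeof(names) / sizeof(names[0])))
        return -EINVAL;
    if (strlen(names[mode]) >= len)
        return -ENOSPC;
    strcpy(buf, names[mode]);
    return 0;
}

/* Return value ignored: on failure the caller emits whatever buf already held. */
static void show_unchecked(int mode, char *out, size_t outlen)
{
    char buf[64];

    strcpy(buf, STALE); /* simulate an uninitialised stack buffer */
    fmt_policy(buf, sizeof(buf), mode);
    snprintf(out, outlen, "%s", buf);
}

/* Buffer cleared beforehand and result checked: failure emits nothing. */
static int show_checked(int mode, char *out, size_t outlen)
{
    char buf[64] = { 0 };
    int ret = fmt_policy(buf, sizeof(buf), mode);

    out[0] = '\0';
    if (ret == 0)
        snprintf(out, outlen, "%s", buf);
    return ret;
}

int main(void)
{
    char a[64], b[64];
    show_unchecked(99, a, sizeof(a));
    printf("unchecked: \"%s\"\n", a);
    printf("checked:   ret=%d \"%s\"\n", show_checked(99, b, sizeof(b)), b);
    return 0;
}
```

Writing straight into the output sink, as the reply above suggests for a seq_file, removes the intermediate buffer and with it the chance of emitting bytes the formatter never wrote.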