[PATCH 3.15 16/26] iovec: make sure the caller actually wants anything in memcpy_fromiovecend
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: 2014-08-08 21:50:53
Also in:
lkml
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: 2014-08-08 21:50:53
Also in:
lkml
3.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Sasha Levin <redacted> [ Upstream commit 06ebb06d49486676272a3c030bfeef4bd969a8e6 ] Check for cases when the caller requests 0 bytes instead of running off and dereferencing potentially invalid iovecs. Signed-off-by: Sasha Levin <redacted> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> --- net/core/iovec.c | 4 ++++ 1 file changed, 4 insertions(+)
--- a/net/core/iovec.c
+++ b/net/core/iovec.c@@ -107,6 +107,10 @@ EXPORT_SYMBOL(memcpy_toiovecend); int memcpy_fromiovecend(unsigned char *kdata, const struct iovec *iov, int offset, int len) { + /* No data? Done! */ + if (len == 0) + return 0; + /* Skip over the finished iovecs */ while (offset >= iov->iov_len) { offset -= iov->iov_len;