unfuck binfmt_misc.c (broken by commit e6084d4)

scanarg(s, del) never returns s; the empty field results in s + 1.
Restore the correct checks, and move NUL-termination into scanarg(),
while we are at it.

Incidentally, mixing "coding style cleanups" (for small values of cleanup)
with functional changes is a Bad Idea(tm)...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2014-12-17 05:29:16 -05:00
parent 50062175ff
commit 7d65cf10e3

View file

@ -254,6 +254,7 @@ static char *scanarg(char *s, char del)
return NULL; return NULL;
} }
} }
s[-1] ='\0';
return s; return s;
} }
@ -378,8 +379,7 @@ static Node *create_entry(const char __user *buffer, size_t count)
p = scanarg(p, del); p = scanarg(p, del);
if (!p) if (!p)
goto einval; goto einval;
p[-1] = '\0'; if (!e->magic[0])
if (p == e->magic)
goto einval; goto einval;
if (USE_DEBUG) if (USE_DEBUG)
print_hex_dump_bytes( print_hex_dump_bytes(
@ -391,8 +391,7 @@ static Node *create_entry(const char __user *buffer, size_t count)
p = scanarg(p, del); p = scanarg(p, del);
if (!p) if (!p)
goto einval; goto einval;
p[-1] = '\0'; if (!e->mask[0]) {
if (p == e->mask) {
e->mask = NULL; e->mask = NULL;
pr_debug("register: mask[raw]: none\n"); pr_debug("register: mask[raw]: none\n");
} else if (USE_DEBUG) } else if (USE_DEBUG)