s390/compat: fix compat_sys_statfs() memory corruption
The f_spare field within struct compat_statfs is four bytes larger than within the native 31 bit struct statfs. compat_sys_statfs() clears the f_spare field in user space which means that in compat mode four bytes that are behind the user space supplied struct compat_statfs will be corrupted (zeroed). According to Thomas Gleixner's Linux 2.6 history tree this bug is present since v2.5.74 87880da124 "[PATCH] s390: 31 bit compat.". So it get's fixed shortly before its 10th anniversary. Tough luck. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
This commit is contained in:
Heiko Carstens
Martin Schwidefsky
parent
241fd9bcbc
commit
a2aec0d3e2
1 changed files with 1 additions and 1 deletions
|
|
@ -135,7 +135,7 @@ struct compat_statfs {
|
|||
s32 f_namelen;
|
||||
s32 f_frsize;
|
||||
s32 f_flags;
|
||||
s32 f_spare[5];
|
||||
s32 f_spare[4];
|
||||
};
|
||||
|
||||
#define COMPAT_RLIM_OLD_INFINITY 0x7fffffff
|
||||
|
|
|
|||
Loading…
Reference in a new issue