Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[IA64] SN2: security hole in sn2_ptc_proc_write

Browse source 
Security hole in sn2_ptc_proc_write

It is possible to overrun a buffer with a write to this /proc file.

Signed-off-by: Cliff Wickman <cpw@sgi.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
This commit is contained in:
Cliff Wickman 2008-06-20 12:02:00 -07:00 committed by Tony Luck
parent 9bedbcb207
commit e0c6d97c65
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
arch/ia64/sn/kernel/sn2/sn2_smp.c
View file

@ -512,6 +512,8 @@ static ssize_t sn2_ptc_proc_write(struct file *file, const char __user *user, si
int cpu;
char optstr[64];
if (count > sizeof(optstr))
return -EINVAL;
if (copy_from_user(optstr, user, count))
return -EFAULT;
optstr[count - 1] = '\0';