splice: missing user pointer access verification
author Jens Axboe <jens.axboe@oracle.com>
Fri, 8 Feb 2008 16:49:14 +0000 (08:49 -0800)
committer Linus Torvalds <torvalds@woody.linux-foundation.org>
Fri, 8 Feb 2008 17:25:01 +0000 (09:25 -0800)
commit 8811930dc74a503415b35c4a79d14fb0b408a361
tree 464a99a2be2f87b8e019fea231592ddf3ec38de7
parent 66191dc622f5ff0a541524c4e96fdacfacfda206
splice: missing user pointer access verification

vmsplice_to_user() must always check the user pointer and length
with access_ok() before copying. Likewise, for the slow path of
copy_from_user_mmap_sem() we need to check that we may read from
the user region.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Cc: Wojciech Purczynski <cliph@research.coseinc.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/splice.c
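
The rule stated in the commit message above, checking the user pointer and length before copying, modelled in userspace C as an added example; it is not kernel code and not part of this commit. `model_access_ok`, `copy_checked`, `copy_unchecked`, `USER_LIMIT` and the 64-byte `space` array are hypothetical names constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not kernel code: offsets below USER_LIMIT stand for
 * user memory, offsets from USER_LIMIT up stand for kernel memory. */
#define SPACE_SIZE 64u
#define USER_LIMIT 32u
static unsigned char space[SPACE_SIZE];

/* Hypothetical stand-in for access_ok(): the whole range [addr, addr+len)
 * must lie in the user part. Written so that addr + len is never computed. */
int model_access_ok(uintptr_t addr, size_t len)
{
    if (addr > USER_LIMIT)
        return 0;
    return len <= USER_LIMIT - addr;
}

/* Copies without verifying the destination range. */
int copy_unchecked(uintptr_t dst, const void *src, size_t len)
{
    memcpy(space + dst, src, len);
    return 0;
}

/* Verifies pointer and length first; -1 plays the role of -EFAULT. */
int copy_checked(uintptr_t dst, const void *src, size_t len)
{
    if (!model_access_ok(dst, len))
        return -1;
    memcpy(space + dst, src, len);
    return 0;
}

int main(void)
{
    const unsigned char data[4] = {0xAA, 0xAA, 0xAA, 0xAA};
    memset(space, 0, sizeof space);
    printf("user range:     %d\n", copy_checked(8, data, sizeof data));
    printf("kernel range:   %d\n", copy_checked(40, data, sizeof data));
    printf("straddles edge: %d\n", copy_checked(30, data, sizeof data));
    printf("length wraps:   %d\n", copy_checked(8, data, SIZE_MAX));
    copy_unchecked(40, data, sizeof data);
    printf("kernel byte after unchecked copy: 0x%02X\n", space[40]);
    return 0;
}
```

The check has to cover both the start and the length: a range that starts in user memory but runs past the boundary, or whose length would wrap the address, is rejected the same way as a pointer that is outside user memory from the start.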