The fix below seems rather important.
--- ../linux/mm/shmem.c Fri Dec 21 17:42:05 2001
+++ mm/shmem.c Mon Feb 18 19:46:04 2002
@@ -740,6 +749,13 @@
static struct inode_operations shmem_symlink_inode_operations;
static struct inode_operations shmem_symlink_inline_operations;
+/*
+ * This is a copy of generic_file_write slightly modified. It would
+ * help no end if it were kept remotely up to date with the
+ * generic_file_write changes. I don't alas see a good way to merge
+ * it back and use the generic one -- Alan
+ */
+
static ssize_t
shmem_file_write(struct file *file,const char *buf,size_t count,loff_t *ppos)
{
@@ -751,7 +767,12 @@
unsigned long written;
long status;
int err;
+ if ((ssize_t) count < 0)
+ return -EINVAL;
+
+ if (!access_ok(VERIFY_READ, buf, count))
+ return -EFAULT;
down(&inode->i_sem);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Feb 23 2002 - 21:00:15 EST