Re: [Coverity] Untrusted user data in kernel

From: Tomas Carnecky
Date: Fri Dec 17 2004 - 14:43:27 EST

Oliver Neukum wrote:
But the difference between you example (cp /dev/zero /dev/mem) and passing unchecked data to the kernel is... you _can_ check the data and

This is the difference:
static int open_port(struct inode * inode, struct file * filp)
return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
(from mem.c)

OK, but my point was, whenever you can check the 'contents' of the data passed to the kernel, do it. You can't check if the data someone writes to /dev/mem is valid or not, but you can check for out-of-range/etc. data in ioctl & friends.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at