[PATCH] ip2: Correction to unchecked calls copy_to_user/put_user in ip2 debug code

From: Johan Wessfeldt
Date: Thu Feb 17 2011 - 00:22:30 EST


This patch fixes unchecked calls to copy_to_user() and put_user() in the
ip2 driver debug code, i.e. when IP2DEBUG_TRACE and DEBUG_FIFO are set.
Minor coding style issues were also corrected in the corresponding code.

Signed-off-by: Johan Wessfeldt <johan.wessfeldt@xxxxxxxxx>
---
drivers/char/ip2/ip2main.c | 55 ++++++++++++++++++++++++++++----------------
1 files changed, 35 insertions(+), 20 deletions(-)

diff --git a/drivers/char/ip2/ip2main.c b/drivers/char/ip2/ip2main.c
index fcd02ba..e1d2f47 100644
--- a/drivers/char/ip2/ip2main.c
+++ b/drivers/char/ip2/ip2main.c
@@ -2803,13 +2803,12 @@ ip2_ipl_read(struct file *pFile, char __user *pData, size_t count, loff_t *off )
}

static int
-DumpFifoBuffer ( char __user *pData, int count )
+DumpFifoBuffer(char __user *pData, int count)
{
#ifdef DEBUG_FIFO
- int rc;
- rc = copy_to_user(pData, DBGBuf, count);
-
- printk(KERN_DEBUG "Last index %d\n", I );
+ if (copy_to_user(pData, DBGBuf, count))
+ return -EFAULT;
+ printk(KERN_DEBUG "Last index %d\n", I);

return count;
#endif /* DEBUG_FIFO */
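Review bot: The new `copy_to_user(pData, DBGBuf, count)` still copies a caller-supplied `count` without bounding it by the size of `DBGBuf`, so a read request larger than that buffer would copy adjacent kernel memory out to user space. `DBGBuf`'s declaration is outside this hunk, so its size is assumed here; if it is an array, reject a negative value and clamp before the copy, e.g. `if (count < 0) return -EINVAL;` followed by `count = min_t(size_t, count, sizeof(DBGBuf));`. The function body continues past the `#endif`, outside the hunk.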
@@ -2817,21 +2816,28 @@ DumpFifoBuffer ( char __user *pData, int count )
}

static int
-DumpTraceBuffer ( char __user *pData, int count )
+DumpTraceBuffer(char __user *pData, int count)
{
#ifdef IP2DEBUG_TRACE
- int rc;
int dumpcount;
int chunk;
int *pIndex = (int __user *)pData;

- if ( count < (sizeof(int) * 6) ) {
+ if (count < (sizeof(int) * 6))
return -EIO;
- }
- rc = put_user(tracewrap, pIndex );
- rc = put_user(TRACEMAX, ++pIndex );
- rc = put_user(tracestrip, ++pIndex );
- rc = put_user(tracestuff, ++pIndex );
+
+ if (put_user(tracewrap, pIndex))
+ return -EFAULT;
+
+ if (put_user(TRACEMAX, ++pIndex))
+ return -EFAULT;
+
+ if (put_user(tracestrip, ++pIndex))
+ return -EFAULT;
+
+ if (put_user(tracestuff, ++pIndex))
+ return -EFAULT;
+
pData += sizeof(int) * 6;
count -= sizeof(int) * 6;

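Review bot: The length guard `if (count < (sizeof(int) * 6))` compares a signed `int` with a `size_t`, so a negative `count` is converted to a large unsigned value and passes the check. The hunk header shows `count` arriving from `ip2_ipl_read`'s `size_t count`, so the narrowing to `int` is real even if the VFS normally caps read sizes; `if (count < (int)(sizeof(int) * 6))` keeps the comparison signed. Separately, `int *pIndex = (int __user *)pData;` drops the `__user` annotation on the declaration, which sparse is likely to flag at each `put_user()`; `int __user *pIndex` would match the cast. The function continues in the next hunk.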
@@ -2843,22 +2849,31 @@ DumpTraceBuffer ( char __user *pData, int count )
dumpcount = count;
}
chunk = TRACEMAX - tracestrip;
- if ( dumpcount > chunk ) {
- rc = copy_to_user(pData, &tracebuf[tracestrip],
- chunk * sizeof(tracebuf[0]) );
+ if (dumpcount > chunk) {
+
+ if (copy_to_user(pData, &tracebuf[tracestrip],
+ chunk * sizeof(tracebuf[0]) ))
+ return -EFAULT;
+
pData += chunk * sizeof(tracebuf[0]);
tracestrip = 0;
chunk = dumpcount - chunk;
} else {
chunk = dumpcount;
}
- rc = copy_to_user(pData, &tracebuf[tracestrip],
- chunk * sizeof(tracebuf[0]) );
+
+ if (copy_to_user(pData, &tracebuf[tracestrip],
+ chunk * sizeof(tracebuf[0]) ))
+ return -EFAULT;
+
tracestrip += chunk;
tracewrap = 0;

- rc = put_user(tracestrip, ++pIndex );
- rc = put_user(tracestuff, ++pIndex );
+ if (put_user(tracestrip, ++pIndex))
+ return -EFAULT;
+
+ if (put_user(tracestuff, ++pIndex))
+ return -EFAULT;

return dumpcount;
#else
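Review bot: The new early returns can leave the trace state half-updated: in the wrap branch `tracestrip = 0;` runs before the second `copy_to_user()`, and `tracestrip += chunk; tracewrap = 0;` run before the two trailing `put_user()` calls, so a fault at either point returns `-EFAULT` after the read position has already advanced and that trace data is skipped for the next reader. Consider computing the new position in a local variable and committing `tracestrip` and `tracewrap` only after every user copy has succeeded. A comment stating whether `dumpcount` is in bytes or in `tracebuf` elements would also help, since it is assigned from `count` but multiplied by `sizeof(tracebuf[0])` in the copies; the code that sets it is mostly outside this hunk.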
--
1.7.1
