Re: [PATCH linux-next] ipc: fix local variable initialization in compat_do_msg_fill()

From: Konstantin Khlebnikov
Date: Thu Apr 19 2012 - 09:00:51 EST


Konstantin Khlebnikov wrote:
The "msgp" must point to the userspace buffer.

fix for linux-next commit 774d0252d303969a7281eefd6eaccde50bb6eb6e
("c/r: ipc: message queue receive cleanup")

Oops, Dan Carpenter had caught this several days before me:
[patch] c/r: ipc: uninitialized variable in compat_do_msg_fill()


Signed-off-by: Konstantin Khlebnikov<khlebnikov@xxxxxxxxxx>
Cc: Stanislav Kinsbursky<skinsbursky@xxxxxxxxxxxxx>
Cc: Lucas De Marchi<lucas.de.marchi@xxxxxxxxx>
Cc: Chris Metcalf<cmetcalf@xxxxxxxxxx>
Cc: Cyrill Gorcunov<gorcunov@xxxxxxxxxx>
Cc: Pavel Emelyanov<xemul@xxxxxxxxxxxxx>
Cc: Arnd Bergmann<arnd@xxxxxxxx>
Cc: Andrew Morton<akpm@xxxxxxxxxxxxxxxxxxxx>
---
ipc/compat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipc/compat.c b/ipc/compat.c
index 6da376b..0c2ebd0 100644
--- a/ipc/compat.c
+++ b/ipc/compat.c
@@ -363,7 +363,7 @@ static long compat_do_msg_steal(void __user *dest, struct msg_msg *msg, size_t b

long compat_do_msg_fill(void __user *dest, struct msg_msg *msg, size_t bufsz)
{
- struct compat_msgbuf __user *msgp;
+ struct compat_msgbuf __user *msgp = dest;
size_t msgsz;

if (put_user(msg->m_type,&msgp->mtype))
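
Review bot: the changelog should state what goes wrong without the initializer. In the context line right after the changed declaration, put_user(msg->m_type, &msgp->mtype) forms its destination from msgp, so with msgp left uninitialized the message type is stored through an indeterminate pointer (or the call fails) instead of going to dest. "must point to the userspace buffer" does not tell a reader triaging linux-next that this is a stray user-space write. Initializing at the declaration is the right shape for the fix, since it leaves no window between declaration and first use. Separately, compat_do_msg_fill() is declared without static while compat_do_msg_steal() in the hunk header is static; if nothing outside ipc/compat.c calls it, making it static would fit the file's existing convention.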

