[PATCH 05/12] HPPFS: check copy_*_user calls

From: Paolo 'Blaisorblade' Giarrusso
Date: Sun Sep 18 2005 - 09:24:44 EST


Add missing checking for copy_to_user() calls, and fix the existing ones
(we must return the number of correctly read bytes - XXX: verify please.).
---

fs/hppfs/hppfs_kern.c | 36 +++++++++++++++++++++---------------
1 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/fs/hppfs/hppfs_kern.c b/fs/hppfs/hppfs_kern.c
--- a/fs/hppfs/hppfs_kern.c
+++ b/fs/hppfs/hppfs_kern.c
@@ -258,7 +258,7 @@ static ssize_t read_proc(struct file *fi
static ssize_t hppfs_read_file(int fd, char *buf, ssize_t count)
{
ssize_t n;
- int cur, err;
+ int cur, ret;
char *new_buf;

n = -ENOMEM;
@@ -268,27 +268,30 @@ static ssize_t hppfs_read_file(int fd, c
goto out;
}
n = 0;
- while(count > 0){
+ while (count > 0) {
+ unsigned long left;
cur = min_t(ssize_t, count, PAGE_SIZE);
- err = os_read_file(fd, new_buf, cur);
- if(err < 0){
- printk("hppfs_read : read failed, errno = %d\n", -err);
- n = err;
+ ret = os_read_file(fd, new_buf, cur);
+ if (ret < 0) {
+ printk("hppfs_read : read failed, errno = %d\n", -ret);
+ n = ret;
goto out_free;
- }
- else if(err == 0)
+ } else if (ret == 0)
break;

- if(copy_to_user(buf, new_buf, err)){
- n = -EFAULT;
+ left = copy_to_user(buf, new_buf, ret);
+ n += ret - left;
+ count -= ret - left;
+
+ if (left) {
+ if (!n)
+ n = -EFAULT;
goto out_free;
}
- n += err;
- count -= err;
}
- out_free:
+out_free:
kfree(new_buf);
- out:
+out:
return n;
}

@@ -313,7 +316,10 @@ static ssize_t hppfs_read(struct file *f

if(off + count > hppfs->len)
count = hppfs->len - off;
- copy_to_user(buf, &data->contents[off], count);
+ err = copy_to_user(buf, &data->contents[off], count);
+ count -= err;
+ if (!count)
+ return -EFAULT;
*ppos += count;
} else if(hppfs->host_fd != -1) {
err = os_seek_file(hppfs->host_fd, *ppos);

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/