[PATCH v5 1/4] exec: introduce get_user_arg_ptr() helper

From: Oleg Nesterov
Date: Sun Mar 06 2011 - 12:11:31 EST


Introduce get_user_arg_ptr() helper, convert count() and copy_strings()
to use it.

No functional changes, preparation. This helper is trivial, it just
reads the pointer from argv/envp user-space array.

Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
Tested-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
---

fs/exec.c | 36 +++++++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 11 deletions(-)

--- 38/fs/exec.c~1_get_arg_ptr 2011-03-06 17:48:00.000000000 +0100
+++ 38/fs/exec.c 2011-03-06 17:51:01.000000000 +0100
@@ -395,6 +395,17 @@ err:
return err;
}

+static const char __user *
+get_user_arg_ptr(const char __user * const __user *argv, int nr)
+{
+ const char __user *ptr;
+
+ if (get_user(ptr, argv + nr))
+ return ERR_PTR(-EFAULT);
+
+ return ptr;
+}
+
/*
* count() counts the number of strings in array ARGV.
*/
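Review bot: get_user_arg_ptr() is added without a comment, and its return value mixes a pointer value copied from user memory with the in-band `ERR_PTR(-EFAULT)` marker. Because the value comes from the user-supplied array, an entry that happens to lie in the error-pointer range cannot be told apart from a failed `get_user()`. The callers in the second and third hunks (count() and copy_strings()) therefore do well to return a fixed `-EFAULT` on `IS_ERR()`; using `PTR_ERR()` would let a user-supplied value choose the errno. I would document that above the helper: `/* Fetch argv[nr] from user space. Returns the untrusted user pointer (may be NULL), or ERR_PTR(-EFAULT) if the read faults; callers must not PTR_ERR() the result. */`.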
@@ -404,13 +415,14 @@ static int count(const char __user * con

if (argv != NULL) {
for (;;) {
- const char __user * p;
+ const char __user *p = get_user_arg_ptr(argv, i);

- if (get_user(p, argv))
- return -EFAULT;
if (!p)
break;
- argv++;
+
+ if (IS_ERR(p))
+ return -EFAULT;
+
if (i++ >= max)
return -E2BIG;

@@ -440,16 +452,18 @@ static int copy_strings(int argc, const
int len;
unsigned long pos;

- if (get_user(str, argv+argc) ||
- !(len = strnlen_user(str, MAX_ARG_STRLEN))) {
- ret = -EFAULT;
+ ret = -EFAULT;
+ str = get_user_arg_ptr(argv, argc);
+ if (IS_ERR(str))
goto out;
- }

- if (!valid_arg_len(bprm, len)) {
- ret = -E2BIG;
+ len = strnlen_user(str, MAX_ARG_STRLEN);
+ if (!len)
+ goto out;
+
+ ret = -E2BIG;
+ if (!valid_arg_len(bprm, len))
goto out;
- }

/* We're going to work our way backwords. */
pos = bprm->p;
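Review bot: Once the `valid_arg_len()` check passes, `ret` still holds `-E2BIG`, because the new code assigns the error code before each test instead of inside the failing branch. The rest of the copy loop lies outside this hunk, so it cannot be confirmed from here that every later `goto out` sets `ret` itself. Any exit that does not would report -E2BIG for an unrelated failure. A one-line marker after the check would make the invariant visible to the next editor: `/* ret is still -E2BIG here; every exit below must set it explicitly */`.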
