[patch] nfsd: don't allow zero length strings in cache_parse()

From: Dan Carpenter
Date: Wed Jan 18 2012 - 04:55:14 EST


There is no point in passing a zero length string here and quite a
few of that cache_parse() implementations will Oops if count is
zero.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c
index 465df9a..8c6598e 100644
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -828,6 +828,8 @@ static ssize_t cache_do_downcall(char *kaddr, const char __user *buf,
{
ssize_t ret;

+ if (count == 0)
+ return -EINVAL;
if (copy_from_user(kaddr, buf, count))
return -EFAULT;
kaddr[count] = '\0';

Attachment: signature.asc
Description: Digital signature