| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Feb 2016 18:02:45 +0800
From: <chenjie6@...wei.com>
To: Alexander Viro <viro@...iv.linux.org.uk>,
Matthew Wilcox <willy@...ux.intel.com>,
<linux-fsdevel@...r.kernel.org>, <zhihui.gao@...wei.com>
CC: <linux-kernel@...r.kernel.org>, <lizefan@...wei.com>,
chenjie <chenjie6@...wei.com>, <stable@...r.kernel.org>
Subject: [PATCH] bugfix of access a invalid addr
From: chenjie <chenjie6@...wei.com>
when we run fs_fsbase_t, some testcase like
write05 failed
write05 0 TINFO : Enter Block 1: test with bad fd
write05 1 TPASS : received EBADF as expected.
write05 0 TINFO : Exit Block 1
write05 0 TINFO : Enter Block 2: test with a bad address
write05 2 TFAIL : write() on an invalid buffer succeeded,
but should have failed
Cc: <stable@...r.kernel.org>
Signed-off-by: chenjie <chenjie6@...wei.com>
---
fs/dax.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/dax.c b/fs/dax.c
index fc2e314..e1b1ff6 100644
--- a/fs/dax.c
+++ b/fs/dax.c
@@ -214,6 +214,11 @@ static ssize_t dax_io(struct inode *inode, struct iov_iter *iter,
max = min(pos + size, end);
}
+ if (unlikely(iov_iter_fault_in_readable(iter, max - pos))) {
+ retval = -EFAULT;
+ break;
+ }
+
if (iov_iter_rw(iter) == WRITE) {
len = copy_from_iter_pmem(dax.addr, max - pos, iter);
need_wmb = true;
--
1.8.0
Powered by blists - more mailing lists