| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <57B823C7.3040705@bfs.de>
Date: Sat, 20 Aug 2016 11:32:55 +0200
From: walter harms <wharms@....de>
To: unlisted-recipients:; (no To-header on input)
CC: linux-rdma@...r.kernel.org, netdev@...r.kernel.org,
Leon Romanovsky <leonro@...lanox.com>,
Matan Barak <matanb@...lanox.com>,
LKML <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org,
Julia Lawall <julia.lawall@...6.fr>
Subject: Re: [PATCH] mlx5/core: Use memdup_user() rather than duplicating
its implementation
Am 20.08.2016 08:01, schrieb SF Markus Elfring:
> From: Markus Elfring <elfring@...rs.sourceforge.net>
> Date: Sat, 20 Aug 2016 07:50:09 +0200
>
> * Reuse existing functionality from memdup_user() instead of keeping
> duplicate source code.
>
> This issue was detected by using the Coccinelle software.
>
> * Return directly if this copy operation failed.
>
> Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net>
> ---
> drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 17 +++--------------
> 1 file changed, 3 insertions(+), 14 deletions(-)
>
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/cmd.c b/drivers/net/ethernet/mellanox/mlx5/core/cmd.c
> index 6388bc0..bb89f04 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/cmd.c
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/cmd.c
> @@ -1132,7 +1132,6 @@ static ssize_t data_write(struct file *filp, const char __user *buf,
> struct mlx5_core_dev *dev = filp->private_data;
> struct mlx5_cmd_debug *dbg = &dev->cmd.dbg;
> void *ptr;
> - int err;
>
> if (*pos != 0)
> return -EINVAL;
> @@ -1140,25 +1139,15 @@ static ssize_t data_write(struct file *filp, const char __user *buf,
> kfree(dbg->in_msg);
> dbg->in_msg = NULL;
> dbg->inlen = 0;
> -
> - ptr = kzalloc(count, GFP_KERNEL);
> - if (!ptr)
> - return -ENOMEM;
> -
> - if (copy_from_user(ptr, buf, count)) {
> - err = -EFAULT;
> - goto out;
> - }
> + ptr = memdup_user(buf, count);
> + if (IS_ERR(ptr))
> + return PTR_ERR(ptr);
> dbg->in_msg = ptr;
> dbg->inlen = count;
>
> *pos = count;
>
maybe i am missing something here but why do you need ptr ?
The use of count looks even more confusing it is stored in
dbg->inlen, *pos and is returned.
is that realy needed ?
re,
wh
> return count;
> -
> -out:
> - kfree(ptr);
> - return err;
> }
>
> static ssize_t data_read(struct file *filp, char __user *buf, size_t count,
Powered by blists - more mailing lists