| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1505877071-76996-1-git-send-email-mengxu.gatech@gmail.com>
Date: Tue, 19 Sep 2017 23:11:11 -0400
From: Meng Xu <mengxu.gatech@...il.com>
To: sathya.prakash@...adcom.com, chaitra.basappa@...adcom.com,
suganath-prabu.subramani@...adcom.com, jejb@...ux.vnet.ibm.com,
martin.petersen@...cle.com, MPT-FusionLinux.pdl@...adcom.com,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: meng.xu@...ech.edu, sanidhya@...ech.edu, taesoo@...ech.edu,
Meng Xu <mengxu.gatech@...il.com>
Subject: [PATCH] mpt3sas: downgrade full copy_from_user to access_ok check
Since right after the user copy, we are going to
memset(&karg, 0, sizeof(karg)), I guess an access_ok check is enough?
Signed-off-by: Meng Xu <mengxu.gatech@...il.com>
---
drivers/scsi/mpt3sas/mpt3sas_ctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/mpt3sas/mpt3sas_ctl.c b/drivers/scsi/mpt3sas/mpt3sas_ctl.c
index bdffb69..b363d2d 100644
--- a/drivers/scsi/mpt3sas/mpt3sas_ctl.c
+++ b/drivers/scsi/mpt3sas/mpt3sas_ctl.c
@@ -1065,7 +1065,7 @@ _ctl_getiocinfo(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
{
struct mpt3_ioctl_iocinfo karg;
- if (copy_from_user(&karg, arg, sizeof(karg))) {
+ if (!access_ok(VERIFY_READ, arg, sizeof(karg))) {
pr_err("failure at %s:%d/%s()!\n",
__FILE__, __LINE__, __func__);
return -EFAULT;
--
2.7.4
Powered by blists - more mailing lists