diff options
| author | David Disseldorp <ddiss@suse.de> | 2022-05-09 18:29:20 -0700 |
|---|---|---|
| committer | akpm <akpm@linux-foundation.org> | 2022-05-09 18:29:20 -0700 |
| commit | 3a2699cfbe317f6e1b9c84d2f10ab7debb1c79dc (patch) | |
| tree | 86fd88d4da577fcdae5c0f33edbf889bcb290477 /fs/eventfd.c | |
| parent | 1274aea127b2e8c9a4b9cbcc3ea6baf78990a958 (diff) | |
| download | linux-3a2699cfbe317f6e1b9c84d2f10ab7debb1c79dc.tar.bz2 | |
gen_init_cpio: fix short read file handling
When processing a "file" entry, gen_init_cpio attempts to allocate a
buffer large enough to stage the entire contents of the source file. It
then attempts to fill the buffer via a single read() call and subsequently
writes out the entire buffer length, without checking that read() returned
the full length, potentially writing uninitialized buffer memory.
Fix this by breaking up file I/O into 64k chunks and only writing the
length returned by the prior read() call.
Link: https://lkml.kernel.org/r/20220404093429.27570-5-ddiss@suse.de
Signed-off-by: David Disseldorp <ddiss@suse.de>
Reviewed-by: Martin Wilck <mwilck@suse.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Diffstat (limited to 'fs/eventfd.c')
0 files changed, 0 insertions, 0 deletions