lib: Fix strnlen_user() to not touch memory after specified maximum - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Jan Kara <jack@suse.cz>	2015-06-02 17:10:28 +0200
committer	Linus Torvalds <torvalds@linux-foundation.org>	2015-06-02 10:28:52 -0700
commit	f18c34e483ff6b1d9866472221e4015b3a4698e4 (patch)
tree	55542172dd992db5172eb64078ce01cac7db1a7b /lib/uuid.c
parent	c46a024ea5eb0165114dbbc8c82c29b7bcf66e71 (diff)
download	linux-f18c34e483ff6b1d9866472221e4015b3a4698e4.tar.bz2

lib: Fix strnlen_user() to not touch memory after specified maximum

If the specified maximum length of the string is a multiple of unsigned long, we would load one long behind the specified maximum. If that happens to be in a next page, we can hit a page fault although we were not expected to. Fix the off-by-one bug in the test whether we are at the end of the specified range. Signed-off-by: Jan Kara <jack@suse.cz> Cc: stable@vger.kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'lib/uuid.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: