diff options
| author | Eric Biggers <ebiggers@google.com> | 2018-09-07 12:16:24 -0700 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.ibm.com> | 2018-10-10 12:56:14 -0400 |
| commit | 691115c3513ec83edf68ba6575ae85630bc94b8b (patch) | |
| tree | 8e77e6e14650f10a67a314380362f9430254e151 /security/integrity/ima/ima.h | |
| parent | e6123c524064a571616ec978b1317f1696eff0ae (diff) | |
| download | linux-691115c3513ec83edf68ba6575ae85630bc94b8b.tar.bz2 | |
vfs: require i_size <= SIZE_MAX in kernel_read_file()
On 32-bit systems, the buffer allocated by kernel_read_file() is too
small if the file size is > SIZE_MAX, due to truncation to size_t.
Fortunately, since the 'count' argument to kernel_read() is also
truncated to size_t, only the allocated space is filled; then, -EIO is
returned since 'pos != i_size' after the read loop.
But this is not obvious and seems incidental. We should be more
explicit about this case. So, fail early if i_size > SIZE_MAX.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima.h')
0 files changed, 0 insertions, 0 deletions