[NETFILTER]: x_tables: don't use __copy_{from,to}_user on unchecked memory in compat layer

Noticed by Linus Torvalds <torvalds@osdl.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2006-05-04 02:20:27 -0400
committer: David S. Miller <davem@davemloft.net> 2006-05-04 02:20:27 -0400
commit: 7800007c1e2d42cd4120b87b0ba3f3480f17f30a (patch)
tree: 831514416c91adcf7bdf87b6c6fd8d7660e1883e /net/netfilter
parent: 7582e9d17edbabab6cbe59467c5d1b5e8c04fca8 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 17abf60f9570..99293c63ff73 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -289,7 +289,7 @@ int xt_compat_match(void *match, void **dstptr, int *size, int convert)
                case COMPAT_TO_USER:
                        pm = (struct xt_entry_match *)match;
                        msize = pm->u.user.match_size;
-                        if (__copy_to_user(*dstptr, pm, msize)) {
+                        if (copy_to_user(*dstptr, pm, msize)) {
                                ret = -EFAULT;
                                break;
                        }
@@ -366,7 +366,7 @@ int xt_compat_target(void *target, void **dstptr, int *size, int convert)
                case COMPAT_TO_USER:
                        pt = (struct xt_entry_target *)target;
                        tsize = pt->u.user.target_size;
-                        if (__copy_to_user(*dstptr, pt, tsize)) {
+                        if (copy_to_user(*dstptr, pt, tsize)) {
                                ret = -EFAULT;
                                break;
                        }
author	Patrick McHardy <kaber@trash.net>	2006-05-04 02:20:27 -0400
committer	David S. Miller <davem@davemloft.net>	2006-05-04 02:20:27 -0400
commit	7800007c1e2d42cd4120b87b0ba3f3480f17f30a (patch)
tree	831514416c91adcf7bdf87b6c6fd8d7660e1883e /net/netfilter
parent	7582e9d17edbabab6cbe59467c5d1b5e8c04fca8 (diff)

diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 17abf60f9570..99293c63ff73 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c
@@ -289,7 +289,7 @@ int xt_compat_match(void match, void dstptr, int size, int convert)
289	case COMPAT_TO_USER:	289	case COMPAT_TO_USER:
290	pm = (struct xt_entry_match *)match;	290	pm = (struct xt_entry_match *)match;
291	msize = pm->u.user.match_size;	291	msize = pm->u.user.match_size;
292	if (__copy_to_user(*dstptr, pm, msize)) {	292	if (copy_to_user(*dstptr, pm, msize)) {
293	ret = -EFAULT;	293	ret = -EFAULT;
294	break;	294	break;
295	}	295	}
@@ -366,7 +366,7 @@ int xt_compat_target(void target, void dstptr, int size, int convert)
366	case COMPAT_TO_USER:	366	case COMPAT_TO_USER:
367	pt = (struct xt_entry_target *)target;	367	pt = (struct xt_entry_target *)target;
368	tsize = pt->u.user.target_size;	368	tsize = pt->u.user.target_size;
369	if (__copy_to_user(*dstptr, pt, tsize)) {	369	if (copy_to_user(*dstptr, pt, tsize)) {
370	ret = -EFAULT;	370	ret = -EFAULT;
371	break;	371	break;
372	}	372	}