aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorArjan van de Ven <arjan@infradead.org>2009-10-13 17:17:36 -0400
committerJames Morris <jmorris@namei.org>2009-10-13 17:17:36 -0400
commit825332e4ff1373c55d931b49408df7ec2298f71e (patch)
treef489a311e576eb1b45ff62cbc0cccbe3bea2baeb /kernel
parenta27ab9f26b729326778271c1efd895aef4fda1c4 (diff)
capabilities: simplify bound checks for copy_from_user()
The capabilities syscall has a copy_from_user() call where gcc currently cannot prove to itself that the copy is always within bounds. This patch adds a very explicity bound check to prove to gcc that this copy_from_user cannot overflow its destination buffer. Signed-off-by: Arjan van de Ven <arjan@linux.intel.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/capability.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/kernel/capability.c b/kernel/capability.c
index 4e17041963f5..c2316d3fa094 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -238,7 +238,7 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr)
238SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data) 238SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data)
239{ 239{
240 struct __user_cap_data_struct kdata[_KERNEL_CAPABILITY_U32S]; 240 struct __user_cap_data_struct kdata[_KERNEL_CAPABILITY_U32S];
241 unsigned i, tocopy; 241 unsigned i, tocopy, copybytes;
242 kernel_cap_t inheritable, permitted, effective; 242 kernel_cap_t inheritable, permitted, effective;
243 struct cred *new; 243 struct cred *new;
244 int ret; 244 int ret;
@@ -255,8 +255,11 @@ SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data)
255 if (pid != 0 && pid != task_pid_vnr(current)) 255 if (pid != 0 && pid != task_pid_vnr(current))
256 return -EPERM; 256 return -EPERM;
257 257
258 if (copy_from_user(&kdata, data, 258 copybytes = tocopy * sizeof(struct __user_cap_data_struct);
259 tocopy * sizeof(struct __user_cap_data_struct))) 259 if (copybytes > sizeof(kdata))
260 return -EFAULT;
261
262 if (copy_from_user(&kdata, data, copybytes))
260 return -EFAULT; 263 return -EFAULT;
261 264
262 for (i = 0; i < tocopy; i++) { 265 for (i = 0; i < tocopy; i++) {