aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/device_cgroup.c28
1 files changed, 22 insertions, 6 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 76503df23770..4fbae8d0b36c 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -361,8 +361,8 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
361 int filetype, const char *buffer) 361 int filetype, const char *buffer)
362{ 362{
363 const char *b; 363 const char *b;
364 char *endp; 364 char temp[12]; /* 11 + 1 characters needed for a u32 */
365 int count; 365 int count, rc;
366 struct dev_exception_item ex; 366 struct dev_exception_item ex;
367 367
368 if (!capable(CAP_SYS_ADMIN)) 368 if (!capable(CAP_SYS_ADMIN))
@@ -405,8 +405,16 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
405 ex.major = ~0; 405 ex.major = ~0;
406 b++; 406 b++;
407 } else if (isdigit(*b)) { 407 } else if (isdigit(*b)) {
408 ex.major = simple_strtoul(b, &endp, 10); 408 memset(temp, 0, sizeof(temp));
409 b = endp; 409 for (count = 0; count < sizeof(temp) - 1; count++) {
410 temp[count] = *b;
411 b++;
412 if (!isdigit(*b))
413 break;
414 }
415 rc = kstrtou32(temp, 10, &ex.major);
416 if (rc)
417 return -EINVAL;
410 } else { 418 } else {
411 return -EINVAL; 419 return -EINVAL;
412 } 420 }
@@ -419,8 +427,16 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
419 ex.minor = ~0; 427 ex.minor = ~0;
420 b++; 428 b++;
421 } else if (isdigit(*b)) { 429 } else if (isdigit(*b)) {
422 ex.minor = simple_strtoul(b, &endp, 10); 430 memset(temp, 0, sizeof(temp));
423 b = endp; 431 for (count = 0; count < sizeof(temp) - 1; count++) {
432 temp[count] = *b;
433 b++;
434 if (!isdigit(*b))
435 break;
436 }
437 rc = kstrtou32(temp, 10, &ex.minor);
438 if (rc)
439 return -EINVAL;
424 } else { 440 } else {
425 return -EINVAL; 441 return -EINVAL;
426 } 442 }
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-22 17:59:45 -0500