* [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
@ 2010-06-03 9:56 ` Dan Carpenter
0 siblings, 0 replies; 8+ messages in thread
From: Dan Carpenter @ 2010-06-03 9:56 UTC (permalink / raw)
To: Karsten Keil
Cc: David S. Miller, Jan Kiszka, Tilman Schmidt, netdev, kernel-janitors
copy_from_user() returns the number of bytes remaining but we should
return -EFAULT here. The error code gets returned to the user. Both
old_capi_manufacturer() and capi20_manufacturer() had other places
that already returned -EFAULT so this won't break anything.
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
index bde3c88..b054494 100644
--- a/drivers/isdn/capi/kcapi.c
+++ b/drivers/isdn/capi/kcapi.c
@@ -1020,12 +1020,12 @@ static int old_capi_manufacturer(unsigned int cmd, void __user *data)
if (cmd == AVMB1_ADDCARD) {
if ((retval = copy_from_user(&cdef, data,
sizeof(avmb1_carddef))))
- return retval;
+ return -EFAULT;
cdef.cardtype = AVM_CARDTYPE_B1;
} else {
if ((retval = copy_from_user(&cdef, data,
sizeof(avmb1_extcarddef))))
- return retval;
+ return -EFAULT;
}
cparams.port = cdef.port;
cparams.irq = cdef.irq;
@@ -1218,7 +1218,7 @@ int capi20_manufacturer(unsigned int cmd, void __user *data)
kcapi_carddef cdef;
if ((retval = copy_from_user(&cdef, data, sizeof(cdef))))
- return retval;
+ return -EFAULT;
cparams.port = cdef.port;
cparams.irq = cdef.irq;
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
@ 2010-06-03 9:56 ` Dan Carpenter
0 siblings, 0 replies; 8+ messages in thread
From: Dan Carpenter @ 2010-06-03 9:56 UTC (permalink / raw)
To: Karsten Keil
Cc: David S. Miller, Jan Kiszka, Tilman Schmidt, netdev, kernel-janitors
copy_from_user() returns the number of bytes remaining but we should
return -EFAULT here. The error code gets returned to the user. Both
old_capi_manufacturer() and capi20_manufacturer() had other places
that already returned -EFAULT so this won't break anything.
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
index bde3c88..b054494 100644
--- a/drivers/isdn/capi/kcapi.c
+++ b/drivers/isdn/capi/kcapi.c
@@ -1020,12 +1020,12 @@ static int old_capi_manufacturer(unsigned int cmd, void __user *data)
if (cmd = AVMB1_ADDCARD) {
if ((retval = copy_from_user(&cdef, data,
sizeof(avmb1_carddef))))
- return retval;
+ return -EFAULT;
cdef.cardtype = AVM_CARDTYPE_B1;
} else {
if ((retval = copy_from_user(&cdef, data,
sizeof(avmb1_extcarddef))))
- return retval;
+ return -EFAULT;
}
cparams.port = cdef.port;
cparams.irq = cdef.irq;
@@ -1218,7 +1218,7 @@ int capi20_manufacturer(unsigned int cmd, void __user *data)
kcapi_carddef cdef;
if ((retval = copy_from_user(&cdef, data, sizeof(cdef))))
- return retval;
+ return -EFAULT;
cparams.port = cdef.port;
cparams.irq = cdef.irq;
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
2010-06-03 9:56 ` Dan Carpenter
@ 2010-06-03 10:26 ` Jan Kiszka
-1 siblings, 0 replies; 8+ messages in thread
From: Jan Kiszka @ 2010-06-03 10:26 UTC (permalink / raw)
To: Dan Carpenter
Cc: Karsten Keil, David S. Miller, Tilman Schmidt, netdev, kernel-janitors
[-- Attachment #1: Type: text/plain, Size: 1473 bytes --]
Dan Carpenter wrote:
> copy_from_user() returns the number of bytes remaining but we should
> return -EFAULT here. The error code gets returned to the user. Both
> old_capi_manufacturer() and capi20_manufacturer() had other places
> that already returned -EFAULT so this won't break anything.
>
Good point.
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
> index bde3c88..b054494 100644
> --- a/drivers/isdn/capi/kcapi.c
> +++ b/drivers/isdn/capi/kcapi.c
> @@ -1020,12 +1020,12 @@ static int old_capi_manufacturer(unsigned int cmd, void __user *data)
> if (cmd == AVMB1_ADDCARD) {
> if ((retval = copy_from_user(&cdef, data,
> sizeof(avmb1_carddef))))
> - return retval;
> + return -EFAULT;
> cdef.cardtype = AVM_CARDTYPE_B1;
> } else {
> if ((retval = copy_from_user(&cdef, data,
> sizeof(avmb1_extcarddef))))
> - return retval;
> + return -EFAULT;
> }
> cparams.port = cdef.port;
> cparams.irq = cdef.irq;
> @@ -1218,7 +1218,7 @@ int capi20_manufacturer(unsigned int cmd, void __user *data)
> kcapi_carddef cdef;
>
> if ((retval = copy_from_user(&cdef, data, sizeof(cdef))))
> - return retval;
> + return -EFAULT;
>
> cparams.port = cdef.port;
> cparams.irq = cdef.irq;
No need to assign retval anymore, it is overwritten in all non-error cases.
Jan
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 257 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
@ 2010-06-03 10:26 ` Jan Kiszka
0 siblings, 0 replies; 8+ messages in thread
From: Jan Kiszka @ 2010-06-03 10:26 UTC (permalink / raw)
To: Dan Carpenter
Cc: Karsten Keil, David S. Miller, Tilman Schmidt, netdev, kernel-janitors
[-- Attachment #1: Type: text/plain, Size: 1473 bytes --]
Dan Carpenter wrote:
> copy_from_user() returns the number of bytes remaining but we should
> return -EFAULT here. The error code gets returned to the user. Both
> old_capi_manufacturer() and capi20_manufacturer() had other places
> that already returned -EFAULT so this won't break anything.
>
Good point.
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> diff --git a/drivers/isdn/capi/kcapi.c b/drivers/isdn/capi/kcapi.c
> index bde3c88..b054494 100644
> --- a/drivers/isdn/capi/kcapi.c
> +++ b/drivers/isdn/capi/kcapi.c
> @@ -1020,12 +1020,12 @@ static int old_capi_manufacturer(unsigned int cmd, void __user *data)
> if (cmd == AVMB1_ADDCARD) {
> if ((retval = copy_from_user(&cdef, data,
> sizeof(avmb1_carddef))))
> - return retval;
> + return -EFAULT;
> cdef.cardtype = AVM_CARDTYPE_B1;
> } else {
> if ((retval = copy_from_user(&cdef, data,
> sizeof(avmb1_extcarddef))))
> - return retval;
> + return -EFAULT;
> }
> cparams.port = cdef.port;
> cparams.irq = cdef.irq;
> @@ -1218,7 +1218,7 @@ int capi20_manufacturer(unsigned int cmd, void __user *data)
> kcapi_carddef cdef;
>
> if ((retval = copy_from_user(&cdef, data, sizeof(cdef))))
> - return retval;
> + return -EFAULT;
>
> cparams.port = cdef.port;
> cparams.irq = cdef.irq;
No need to assign retval anymore, it is overwritten in all non-error cases.
Jan
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 257 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
2010-06-03 10:26 ` Jan Kiszka
@ 2010-06-03 10:29 ` David Miller
-1 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2010-06-03 10:29 UTC (permalink / raw)
To: jan.kiszka; +Cc: error27, isdn, tilman, netdev, kernel-janitors
From: Jan Kiszka <jan.kiszka@web.de>
Date: Thu, 03 Jun 2010 12:26:42 +0200
> No need to assign retval anymore, it is overwritten in all non-error cases.
I'm still going to apply this fix as-is since it's easier to validate
and provably won't introduce new compiler warnings.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
@ 2010-06-03 10:29 ` David Miller
0 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2010-06-03 10:29 UTC (permalink / raw)
To: jan.kiszka; +Cc: error27, isdn, tilman, netdev, kernel-janitors
From: Jan Kiszka <jan.kiszka@web.de>
Date: Thu, 03 Jun 2010 12:26:42 +0200
> No need to assign retval anymore, it is overwritten in all non-error cases.
I'm still going to apply this fix as-is since it's easier to validate
and provably won't introduce new compiler warnings.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
2010-06-03 9:56 ` Dan Carpenter
@ 2010-06-03 10:29 ` David Miller
-1 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2010-06-03 10:29 UTC (permalink / raw)
To: error27; +Cc: isdn, jan.kiszka, tilman, netdev, kernel-janitors
From: Dan Carpenter <error27@gmail.com>
Date: Thu, 3 Jun 2010 11:56:13 +0200
> copy_from_user() returns the number of bytes remaining but we should
> return -EFAULT here. The error code gets returned to the user. Both
> old_capi_manufacturer() and capi20_manufacturer() had other places
> that already returned -EFAULT so this won't break anything.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Applied.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [patch] isdn/kcapi: return -EFAULT on copy_from_user errors
@ 2010-06-03 10:29 ` David Miller
0 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2010-06-03 10:29 UTC (permalink / raw)
To: error27; +Cc: isdn, jan.kiszka, tilman, netdev, kernel-janitors
From: Dan Carpenter <error27@gmail.com>
Date: Thu, 3 Jun 2010 11:56:13 +0200
> copy_from_user() returns the number of bytes remaining but we should
> return -EFAULT here. The error code gets returned to the user. Both
> old_capi_manufacturer() and capi20_manufacturer() had other places
> that already returned -EFAULT so this won't break anything.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Applied.
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2010-06-03 10:29 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-06-03 9:56 [patch] isdn/kcapi: return -EFAULT on copy_from_user errors Dan Carpenter
2010-06-03 9:56 ` Dan Carpenter
2010-06-03 10:26 ` Jan Kiszka
2010-06-03 10:26 ` Jan Kiszka
2010-06-03 10:29 ` David Miller
2010-06-03 10:29 ` David Miller
2010-06-03 10:29 ` David Miller
2010-06-03 10:29 ` David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.