From: Christoph Hellwig
> Sent: 11 January 2021 17:19
>
> sizeof needs to be called on the compat pointer, not the native one.
>
> Fixes: 89cd35c58bc2 ("iov_iter: transparently handle compat iovecs in import_iovec")
> Reported-by: David Laight <David.Laight@xxxxxxxxxx>
> Signed-off-by: Christoph Hellwig <hch@xxxxxx>
> ---
> lib/iov_iter.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/iov_iter.c b/lib/iov_iter.c
> index 1635111c5bd2af..586215aa0f15ce 100644
> --- a/lib/iov_iter.c
> +++ b/lib/iov_iter.c
> @@ -1658,7 +1658,7 @@ static int copy_compat_iovec_from_user(struct iovec *iov,
> (const struct compat_iovec __user *)uvec;
> int ret = -EFAULT, i;
>
> - if (!user_access_begin(uvec, nr_segs * sizeof(*uvec)))
> + if (!user_access_begin(uvec, nr_segs * sizeof(*uiov)))
The first 'uvec' probably ought to be changed as well.
Even though both variables have the same value.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
