On Mon, 2009-09-21 at 11:34 +0100, Al Viro wrote:
> On Fri, Sep 18, 2009 at 01:05:45PM -0700, akpm@xxxxxxxxxxxxxxxxxxxx wrote:
> > From: Vegard Nossum <vegard.nossum@xxxxxxxxx>
> >
> > On 2009/6/17 Ingo Molnar <mingo@xxxxxxx> reported:
> > >
> > > btw., here's an old friend of a warning:
> > >
>
> [snip]
>
> > @@ -1640,7 +1640,7 @@ static int do_new_mount(struct path *pat
> > {
> > struct vfsmount *mnt;
> >
> > - if (!type || !memchr(type, 0, PAGE_SIZE))
> > + if (!type)
> > return -EINVAL;
> >
> > /* we need capabilities... */
> > @@ -1871,6 +1871,23 @@ int copy_mount_options(const void __user
> > return 0;
> > }
>
> > @@ -1900,8 +1917,6 @@ long do_mount(char *dev_name, char *dir_
> >
> > if (!dir_name || !*dir_name || !memchr(dir_name, 0, PAGE_SIZE))
> > return -EINVAL;
> > - if (dev_name && !memchr(dev_name, 0, PAGE_SIZE))
> > - return -EINVAL;
> >
> > if (data_page)
> > ((char *)data_page)[PAGE_SIZE - 1] = 0;
>
> In this form it's simply b0rken - you need to take care of other do_mount()
> callers. arch/alpha/kernel/osf_sys.c is safe, but fs/compat.c isn't...
Vegard, ping?
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
