Re: [PATCH 1/4] gpio: userspace ABI for reading/writing GPIO lines

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jun 29, 2016 at 11:43 AM, Alexander Stein
<alexander.stein@xxxxxxxxxxxxxxxxxxxxx> wrote:

> There is no valid .fd if copy_to_user() fails and immediately returning
> -EFAULT. Thus the previously kzalloc'ed lh (well anything linehandle_release
> frees) is unaccessible. Userspace has no .fd for neither any ioctl nor for
> calling close(). This allocated memory will remain unavailable until the
> process exits. I think something like this should be added:
>
>> @@ -486,8 +486,10 @@ static int linehandle_create(struct gpio_device *gdev,
>> void __user *ip)>
>>       }
>>
>>       handlereq.fd = fd;
>>
>> -     if (copy_to_user(ip, &handlereq, sizeof(handlereq)))
>> -             return -EFAULT;
>> +     if (copy_to_user(ip, &handlereq, sizeof(handlereq))) {
>> +             ret = -EFAULT;
>> +             goto out_free_descs;
>> +     }

I see. I'm fixing a patch, also checking if I have that bug in more
places.

Yours,
Linus Walleij
--
To unsubscribe from this list: send the line "unsubscribe linux-gpio" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux SPI]     [Linux Kernel]     [Linux ARM (vger)]     [Linux ARM MSM]     [Linux Omap]     [Linux Arm]     [Linux Tegra]     [Fedora ARM]     [Linux for Samsung SOC]     [eCos]     [Linux Fastboot]     [Gcc Help]     [Git]     [DCCP]     [IETF Announce]     [Security]     [Linux MIPS]     [Yosemite Campsites]

  Powered by Linux