Cliff Wickman <cpw@xxxxxxx> writes: > > Signed-off-by: Cliff Wickman <cpw@xxxxxxx> > --- > arch/ia64/sn/kernel/sn2/sn2_smp.c | 2 ++ > 1 file changed, 2 insertions(+) > > Index: linux-2.6/arch/ia64/sn/kernel/sn2/sn2_smp.c > =================================================================== > --- linux-2.6.orig/arch/ia64/sn/kernel/sn2/sn2_smp.c > +++ linux-2.6/arch/ia64/sn/kernel/sn2/sn2_smp.c > @@ -512,6 +512,8 @@ static ssize_t sn2_ptc_proc_write(struct > int cpu; > char optstr[64]; > > + if (count > 64) > + return -EINVAL; > if (copy_from_user(optstr, user, count)) > return -EFAULT; > optstr[count - 1] = '\0'; When someone passes 0 you get an buffer underflow? You need if (count < 0 || count > 64) me thinks. -Andi -- To unsubscribe from this list: send the line "unsubscribe linux-ia64" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
|