Re: [patch] staging: alarm-dev: information leak in alarm_ioctl()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/03/2013 02:02 AM, Dan Carpenter wrote:
Smatch complains that if we pass an invalid clock type then "ts" is
never set.  We need to check for errors earlier, otherwise we end up
passing uninitialized stack data to userspace.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Looks ok to me. Although you probably need the exact same change in the compat_ioctl implementation?

Otherwise, Acked-by: John Stultz <john.stultz@xxxxxxxxxx>

Cc'ing Android folks for their review as well.

thanks
-john




diff --git a/drivers/staging/android/alarm-dev.c b/drivers/staging/android/alarm-dev.c
index ceb1c643..c8600d9 100644
--- a/drivers/staging/android/alarm-dev.c
+++ b/drivers/staging/android/alarm-dev.c
@@ -264,6 +264,8 @@ static long alarm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
  	}
rv = alarm_do_ioctl(file, cmd, &ts);
+	if (rv)
+		return rv;
switch (ANDROID_ALARM_BASE_CMD(cmd)) {
  	case ANDROID_ALARM_GET_TIME(0):
@@ -272,7 +274,7 @@ static long alarm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
  		break;
  	}
- return rv;
+	return 0;
  }
  #ifdef CONFIG_COMPAT
  static long alarm_compat_ioctl(struct file *file, unsigned int cmd,

--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux