drivers/s390/char/keyboard.c NULL pointer reference

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Local users able to send the NULL arg argument to kbd_ioctl(), which could cause kernel crash




diff --git a/keyboard.c 
b/keyboard.c
index ba0e4f9..3ec16b1 100644
--- a/keyboard.c
+++ b/keyboard.c
@@ -456,6 +456,8 @@ int kbd_ioctl(struct kbd_data *kbd, unsigned int cmd, unsigned long arg)
        int perm;
 
        argp = (void __user *)arg;
+       if( !argp )
+               return -EFAULT;
 
        /*
         * To have permissions to do most of the vt ioctls, we either have


https://bugzilla.kernel.org/show_bug.cgi?id=196575��.n��������+%����;��w��{.n�����{��������ܨ}���Ơz�j:+v�����w����ޙ��&�)ߡ�a����z�ޗ���ݢj��w�f
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux