On Thu, Aug 03, 2017 at 09:57:38PM +0800, sohu0106 wrote: > > > Local users able to send the NULL arg argument to kbd_ioctl(), which could cause kernel crash > > > > > diff --git a/keyboard.c > b/keyboard.c > index ba0e4f9..3ec16b1 100644 > --- a/keyboard.c > +++ b/keyboard.c > @@ -456,6 +456,8 @@ int kbd_ioctl(struct kbd_data *kbd, unsigned int cmd, unsigned long arg) > int perm; > > argp = (void __user *)arg; > + if( !argp ) > + return -EFAULT; This doesn't make sense as well. All uaccess functions are able to handle NULL pointers within user space. -- To unsubscribe from this list: send the line "unsubscribe linux-s390" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
