The patch titled
Subject: proc: fix /proc/*/map_files lookup some more
has been added to the -mm tree. Its filename is
proc-fix-proc-map_files-lookup-some-more.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/proc-fix-proc-map_files-lookup-some-more.patch
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/proc-fix-proc-map_files-lookup-some-more.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/SubmitChecklist when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
Subject: proc: fix /proc/*/map_files lookup some more
I totally forgot that _parse_integer() accepts arbitrary amount of
leading zeroes leading to the following:
OK
# readlink /proc/1/map_files/56427ecba000-56427eddc000
/lib/systemd/systemd
bogus
# readlink /proc/1/map_files/00000000000056427ecba000-56427eddc000
/lib/systemd/systemd
# readlink /proc/1/map_files/56427ecba000-00000000000056427eddc000
/lib/systemd/systemd
Link: http://lkml.kernel.org/r/20180221195340.GA28911@avx2
Signed-off-by: Alexey Dobriyan <adobriyan@xxxxxxxxx>
Cc: Andrey Vagin <avagin@xxxxxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
fs/proc/base.c | 4 ++++
1 file changed, 4 insertions(+)
diff -puN fs/proc/base.c~proc-fix-proc-map_files-lookup-some-more fs/proc/base.c
--- a/fs/proc/base.c~proc-fix-proc-map_files-lookup-some-more
+++ a/fs/proc/base.c
@@ -1913,6 +1913,8 @@ static int dname_to_vma_addr(struct dent
unsigned long long sval, eval;
unsigned int len;
+ if (str[0] == '0' && str[1])
+ return -EINVAL;
len = _parse_integer(str, 16, &sval);
if (len & KSTRTOX_OVERFLOW)
return -EINVAL;
@@ -1924,6 +1926,8 @@ static int dname_to_vma_addr(struct dent
return -EINVAL;
str++;
+ if (str[0] == '0' && str[1])
+ return -EINVAL;
len = _parse_integer(str, 16, &eval);
if (len & KSTRTOX_OVERFLOW)
return -EINVAL;
_
Patches currently in -mm which might be from adobriyan@xxxxxxxxx are
proc-do-less-stuff-under-pde_unload_lock.patch
proc-move-proc-sysvipc-creation-to-where-it-belongs.patch
proc-faster-open-close-of-files-without-release-hook.patch
proc-randomize-struct-pde_opener.patch
proc-move-struct-pde_opener-to-kmem-cache.patch
proc-account-struct-pde_opener.patch
proc-fix-proc-map_files-lookup-some-more.patch
seq_file-delete-small-value-optimization.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
