Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-28 07:01:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

cciss: switch to memdup_user_nul()

Browse Source 
all we do to buffer is strncmp()...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2015-12-24 00:12:09 -05:00
parent f0fc869662
commit e4e85bb091
1 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
drivers/block/cciss.c
View File

@ -514,14 +514,9 @@ cciss_proc_write(struct file *file, const char __user *buf,
if (!buf || length > PAGE_SIZE - 1) if (!buf || length > PAGE_SIZE - 1)
return -EINVAL; return -EINVAL;
buffer = (char *)__get_free_page(GFP_KERNEL); buffer = memdup_user_nul(buf, length);
if (!buffer) if (IS_ERR(buffer))
return -ENOMEM; return PTR_ERR(buffer);
err = -EFAULT;
if (copy_from_user(buffer, buf, length))
goto out;
buffer[length] = '\0';
#ifdef CONFIG_CISS_SCSI_TAPE #ifdef CONFIG_CISS_SCSI_TAPE
if (strncmp(ENGAGE_SCSI, buffer, sizeof ENGAGE_SCSI - 1) == 0) { if (strncmp(ENGAGE_SCSI, buffer, sizeof ENGAGE_SCSI - 1) == 0) {
@ -537,8 +532,7 @@ cciss_proc_write(struct file *file, const char __user *buf,
/* might be nice to have "disengage" too, but it's not /* might be nice to have "disengage" too, but it's not
safely possible. (only 1 module use count, lock issues.) */ safely possible. (only 1 module use count, lock issues.) */
out: kfree(buffer);
free_page((unsigned long)buffer);
return err; return err;
} }