forked from Minki/linux
IB/hfi1: Validate the TID count before using it
Improve the safety of the code by validating the user supplied tidcnt before use. Reviewed-by: Mitko Haralanov <mitko.haralanov@intel.com> Reviewed-by: Dennis Dalessandro <dennis.dalessandro@intel.com> Signed-off-by: Michael J. Ruhl <michael.j.ruhl@intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com> Signed-off-by: Doug Ledford <dledford@redhat.com>
This commit is contained in:
parent
aad9ff97dd
commit
db730894f4
@ -579,6 +579,9 @@ int hfi1_user_exp_rcv_clear(struct file *fp, struct hfi1_tid_info *tinfo)
|
||||
u32 *tidinfo;
|
||||
unsigned tididx;
|
||||
|
||||
if (unlikely(tinfo->tidcnt > fd->tid_used))
|
||||
return -EINVAL;
|
||||
|
||||
tidinfo = memdup_user((void __user *)(unsigned long)tinfo->tidlist,
|
||||
sizeof(tidinfo[0]) * tinfo->tidcnt);
|
||||
if (IS_ERR(tidinfo))
|
||||
|
Loading…
Reference in New Issue
Block a user