Google Git
Sign in
kernel / pub / scm / linux / kernel / git / stable / stable-queue / d6c57ae70007cfe8c59b8fc1918a18c71e14066c / . / releases / 3.2.14 / nfsd-don-t-allow-zero-length-strings-in-cache_parse.patch
blob: 2b493bb3d572b3466c27a878abfa6f54656ac1a9 [file] [log] [blame]
From 6d8d17499810479eabd10731179c04b2ca22152f Mon Sep 17 00:00:00 2001
From: Dan Carpenter <dan.carpenter@oracle.com>
Date: Wed, 18 Jan 2012 12:56:02 +0300
Subject: nfsd: don't allow zero length strings in cache_parse()
From: Dan Carpenter <dan.carpenter@oracle.com>
commit 6d8d17499810479eabd10731179c04b2ca22152f upstream.
There is no point in passing a zero length string here and quite a
few of that cache_parse() implementations will Oops if count is
zero.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/sunrpc/cache.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -828,6 +828,8 @@ static ssize_t cache_do_downcall(char *k
{
ssize_t ret;
+ if (count == 0)
+ return -EINVAL;
if (copy_from_user(kaddr, buf, count))
return -EFAULT;
kaddr[count] = '\0';