lib: Fix strnlen_user() to not touch memory after specified maximum
authorJan Kara <jack@suse.cz>
Tue, 2 Jun 2015 15:10:28 +0000 (17:10 +0200)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 2 Jun 2015 17:28:52 +0000 (10:28 -0700)
commitf18c34e483ff6b1d9866472221e4015b3a4698e4
tree55542172dd992db5172eb64078ce01cac7db1a7b
parentc46a024ea5eb0165114dbbc8c82c29b7bcf66e71
lib: Fix strnlen_user() to not touch memory after specified maximum

If the specified maximum length of the string is a multiple of unsigned
long, we would load one long behind the specified maximum.  If that
happens to be in a next page, we can hit a page fault although we were
not expected to.

Fix the off-by-one bug in the test whether we are at the end of the
specified range.

Signed-off-by: Jan Kara <jack@suse.cz>
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
lib/strnlen_user.c