tracing: Fix potential out-of-bounds in trace_get_user()

author Steven Rostedt <rostedt@goodmis.org>

Thu, 10 Oct 2013 02:23:23 +0000 (22:23 -0400)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 20 Nov 2013 20:37:36 +0000 (12:37 -0800)
author Steven Rostedt <rostedt@goodmis.org>
Thu, 10 Oct 2013 02:23:23 +0000 (22:23 -0400)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 20 Nov 2013 20:37:36 +0000 (12:37 -0800)
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c

index 7974ba2..b778e96 100644 (file)
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -843,9 +843,12 @@ int trace_get_user(struct trace_parser *parser, const char __user *ubuf,
         if (isspace(ch)) {
                 parser->buffer[parser->idx] = 0;
                 parser->cont = false;
-       } else {
+       } else if (parser->idx < parser->size - 1) {
                 parser->cont = true;
                 parser->buffer[parser->idx++] = ch;
+       } else {
+               ret = -EINVAL;
+               goto out;
         }
  
         *ppos += read;
author	Steven Rostedt <rostedt@goodmis.org>
	Thu, 10 Oct 2013 02:23:23 +0000 (22:23 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 20 Nov 2013 20:37:36 +0000 (12:37 -0800)