zone_getattr(ZONE_ATTR_NETWORK) doesn't check user-supplied buffer size
Unlike the getters for other zone attributes, the userspace supplied buffer size is passed directly to kmem_alloc()for ZONE_ATTR_NETWORK.
The setter for this constrains the buffer size to PIPE_BUF + sizeof(zone_net_data_t) so it seems reasonable to do the same here.
As with the other getters, just reset the buffer size to the maximum rather than returning an error.
Updated by Electric Monk over 4 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit 66d7818b6a24876c96bdd1a81986c017f368decd Author: Andy Fiddaman <firstname.lastname@example.org> Date: 2018-03-11T06:14:24.000Z 9228 zone_getattr(ZONE_ATTR_NETWORK) returns uninitialised value 9230 zone_getattr(ZONE_ATTR_NETWORK) doesn't check user-supplied buffer size Reviewed by: Yuri Pankov <email@example.com> Reviewed by: John Levon <firstname.lastname@example.org> Reviewed by: Dominik Hassler <email@example.com> Reviewed by: Toomas Soome <firstname.lastname@example.org> Reviewed by: C Fraire <email@example.com> Approved by: Joshua M. Clulow <firstname.lastname@example.org>