zone_getattr(ZONE_ATTR_NETWORK) doesn't check user-supplied buffer size
Unlike the getters for other zone attributes, the userspace supplied buffer size is passed directly to kmem_alloc()for ZONE_ATTR_NETWORK.
The setter for this constrains the buffer size to PIPE_BUF + sizeof(zone_net_data_t) so it seems reasonable to do the same here.
As with the other getters, just reset the buffer size to the maximum rather than returning an error.
Updated by Electric Monk over 1 year ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit 66d7818b6a24876c96bdd1a81986c017f368decd Author: Andy Fiddaman <email@example.com> Date: 2018-03-11T06:14:24.000Z 9228 zone_getattr(ZONE_ATTR_NETWORK) returns uninitialised value 9230 zone_getattr(ZONE_ATTR_NETWORK) doesn't check user-supplied buffer size Reviewed by: Yuri Pankov <firstname.lastname@example.org> Reviewed by: John Levon <email@example.com> Reviewed by: Dominik Hassler <firstname.lastname@example.org> Reviewed by: Toomas Soome <email@example.com> Reviewed by: C Fraire <firstname.lastname@example.org> Approved by: Joshua M. Clulow <email@example.com>