fault-injection: set bounds on what /proc/self/make-it-fail accepts.
authorDave Jones <davej@redhat.com>
Mon, 7 Apr 2014 22:39:15 +0000 (15:39 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Mon, 7 Apr 2014 23:36:10 +0000 (16:36 -0700)
/proc/self/make-it-fail is a boolean, but accepts any number, including
negative ones.  Change variable to unsigned, and cap upper bound at 1.

[akpm@linux-foundation.org: don't make make_it_fail unsigned]
Signed-off-by: Dave Jones <davej@fedoraproject.org>
Reviewed-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: David Rientjes <rientjes@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/proc/base.c

index 8da60e768b42f8df4ca84550078e26d5e2abe79e..6b7087e2e8fb059c36ac19e0013fc86f595e5149 100644 (file)
@@ -1236,6 +1236,9 @@ static ssize_t proc_fault_inject_write(struct file * file,
        make_it_fail = simple_strtol(strstrip(buffer), &end, 0);
        if (*end)
                return -EINVAL;
+       if (make_it_fail < 0 || make_it_fail > 1)
+               return -EINVAL;
+
        task = get_proc_task(file_inode(file));
        if (!task)
                return -ESRCH;