asm-generic: make get_user() clear the destination on errors

commit 9ad18b75c2f6e4a78ce204e79f37781f8815c0fa upstream.

both for access_ok() failures and for faults halfway through

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Willy Tarreau <w@1wt.eu>

diff --git a/include/asm-generic/uaccess.h b/include/asm-generic/uaccess.h
index c184aa8ec8cd5c81f189ff9350e52e6e27e5b2a6..fee282ab2b4e5e2feaecee303d11edaf79398722 100644 (file)
--- a/include/asm-generic/uaccess.h
+++ b/include/asm-generic/uaccess.h
@@ -228,14 +228,18 @@ extern int __put_user_bad(void) __attribute__((noreturn));
        might_sleep();                                          \
        access_ok(VERIFY_READ, ptr, sizeof(*ptr)) ?             \
                __get_user(x, ptr) :                            \
-               -EFAULT;                                        \
+               ((x) = (__typeof__(*(ptr)))0,-EFAULT);          \
 })
 
 #ifndef __get_user_fn
 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
 {
-       size = __copy_from_user(x, ptr, size);
-       return size ? -EFAULT : size;
+       size_t n = __copy_from_user(x, ptr, size);
+       if (unlikely(n)) {
+               memset(x + (size - n), 0, n);
+               return -EFAULT;
+       }
+       return 0;
 }
 
 #define __get_user_fn(sz, u, k)        __get_user_fn(sz, u, k)