projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c2cd26e)
USB: usbtmc: inhibit corruption
authorSteve Holland <sdh4@iastate.edu>
Thu, 18 Jun 2009 22:37:49 +0000 (17:37 -0500)
committerGreg Kroah-Hartman <gregkh@suse.de>
Wed, 23 Sep 2009 13:46:35 +0000 (06:46 -0700)
Limit data copied to userspace to amount requested.  Prevents a faulty
instrument from overwriting user memory.

Signed-off-by: Steve Holland <sdh4@iastate.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/class/usbtmc.c patch | blob | blame | history

diff --git a/drivers/usb/class/usbtmc.c b/drivers/usb/class/usbtmc.c
index f2fde7cd610933f7a0f173d54a03292c50d88f8a..91d3a94eeaa0130dfea6a057c3a92551e95553c7 100644 (file)
--- a/drivers/usb/class/usbtmc.c
+++ b/drivers/usb/class/usbtmc.c
@@ -473,6 +473,10 @@ static ssize_t usbtmc_read(struct file *filp, char __user *buf,
                        n_characters = this_part;
                }
 
+               /* Bound amount of data received by amount of data requested */
+               if (n_characters > this_part)
+                       n_characters = this_part;
+
                /* Copy buffer to user space */
                if (copy_to_user(buf + done, &buffer[12], n_characters)) {
                        /* There must have been an addressing problem */