From: Al Viro Date: Wed, 17 Dec 2014 10:29:16 +0000 (-0500) Subject: unfuck binfmt_misc.c (broken by commit e6084d4) X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=7d65cf10e3d7747033b83fa18c5f3d2a498f66bc;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git unfuck binfmt_misc.c (broken by commit e6084d4) scanarg(s, del) never returns s; the empty field results in s + 1. Restore the correct checks, and move NUL-termination into scanarg(), while we are at it. Incidentally, mixing "coding style cleanups" (for small values of cleanup) with functional changes is a Bad Idea(tm)... Signed-off-by: Al Viro --- diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c index c04ef1d4f18a..97aff2879cda 100644 --- a/fs/binfmt_misc.c +++ b/fs/binfmt_misc.c @@ -254,6 +254,7 @@ static char *scanarg(char *s, char del) return NULL; } } + s[-1] ='\0'; return s; } @@ -378,8 +379,7 @@ static Node *create_entry(const char __user *buffer, size_t count) p = scanarg(p, del); if (!p) goto einval; - p[-1] = '\0'; - if (p == e->magic) + if (!e->magic[0]) goto einval; if (USE_DEBUG) print_hex_dump_bytes( @@ -391,8 +391,7 @@ static Node *create_entry(const char __user *buffer, size_t count) p = scanarg(p, del); if (!p) goto einval; - p[-1] = '\0'; - if (p == e->mask) { + if (!e->mask[0]) { e->mask = NULL; pr_debug("register: mask[raw]: none\n"); } else if (USE_DEBUG)