From 7d65cf10e3d7747033b83fa18c5f3d2a498f66bc Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 17 Dec 2014 05:29:16 -0500 Subject: [PATCH] unfuck binfmt_misc.c (broken by commit e6084d4) scanarg(s, del) never returns s; the empty field results in s + 1. Restore the correct checks, and move NUL-termination into scanarg(), while we are at it. Incidentally, mixing "coding style cleanups" (for small values of cleanup) with functional changes is a Bad Idea(tm)... Signed-off-by: Al Viro --- fs/binfmt_misc.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c index c04ef1d4f18a..97aff2879cda 100644 --- a/fs/binfmt_misc.c +++ b/fs/binfmt_misc.c @@ -254,6 +254,7 @@ static char *scanarg(char *s, char del) return NULL; } } + s[-1] ='\0'; return s; } @@ -378,8 +379,7 @@ static Node *create_entry(const char __user *buffer, size_t count) p = scanarg(p, del); if (!p) goto einval; - p[-1] = '\0'; - if (p == e->magic) + if (!e->magic[0]) goto einval; if (USE_DEBUG) print_hex_dump_bytes( @@ -391,8 +391,7 @@ static Node *create_entry(const char __user *buffer, size_t count) p = scanarg(p, del); if (!p) goto einval; - p[-1] = '\0'; - if (p == e->mask) { + if (!e->mask[0]) { e->mask = NULL; pr_debug("register: mask[raw]: none\n"); } else if (USE_DEBUG) -- 2.20.1