> >+ case PR_SET_PROCTITLE_AREA: {
> >+ struct mm_struct *mm = current->mm;
> >+ unsigned long addr = arg2;
> >+ unsigned long len = arg3;
> >+ unsigned long end = arg2 + arg3;
> >+
> >+ if (len > PAGE_SIZE)
> >+ return -EINVAL;
> >+
> >+ if (addr >= end)
> >+ return -EINVAL;
> >+
> >+ if (!access_ok(VERIFY_READ, addr, len))
> >+ return -EFAULT;
> >+
> >+ mutex_lock(&mm->arg_lock);
> >+ mm->arg_start = addr;
>
> Is this safe? You're assigning a user-space pointer to kernel space...
> Don't we need copy_from_user()?
mm->arg_start, arg_end are defined so.
Please see current implementation.
> >+ mm->arg_end = addr + len;
>
> Since you already have 'end', no need to caculate this again. :)
Good catch :)
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
