When converting strings to unsigned long overflows may occur. These currently are not detected.
E.g. on a 32bit system echo 0x800001234 > /proc/sys/kernel/threads-max has the same effect as echo 0x1234 > /proc/sys/kernel/threads-max The patch replaces the call to deprecated simple_strtoul by a call to kstrtoul_e. Signed-off-by: Heinrich Schuchardt <[email protected]> --- kernel/sysctl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 88ea2d6..4d9d139 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1884,7 +1884,8 @@ static int proc_get_long(char **buf, size_t *size, if (!isdigit(*p)) return -EINVAL; - *val = simple_strtoul(p, &p, 0); + if (kstrtoul_e(p, &p, 0, val) < 0) + return -EINVAL; len = p - tmp; -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
