summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2020-06-11 01:05:54 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2020-06-11 01:05:54 +0200
commit1c3837266214c1e6fbbb96ff36bee13e923057d8 (patch)
treedf8455bbecf61d15adb4466b920c28e847a593d3 /fs
parentMerge branch 'uaccess.i915' of git://git.kernel.org/pub/scm/linux/kernel/git/... (diff)
parentsysctl: reject gigantic reads/write to sysctl files (diff)
downloadlinux-1c3837266214c1e6fbbb96ff36bee13e923057d8.tar.xz
linux-1c3837266214c1e6fbbb96ff36bee13e923057d8.zip
Merge branch 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull sysctl fixes from Al Viro: "Fixups to regressions in sysctl series" * 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: sysctl: reject gigantic reads/write to sysctl files cdrom: fix an incorrect __user annotation on cdrom_sysctl_info trace: fix an incorrect __user annotation on stack_trace_sysctl random: fix an incorrect __user annotation on proc_do_entropy net/sysctl: remove leftover __user annotations on neigh_proc_dointvec* net/sysctl: use cpumask_parse in flow_limit_cpu_sysctl
Diffstat (limited to 'fs')
-rw-r--r--fs/proc/proc_sysctl.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
index 5b405f32971d..42c5128c7d1c 100644
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -565,6 +565,10 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *ubuf,
if (!table->proc_handler)
goto out;
+ /* don't even try if the size is too large */
+ if (count > KMALLOC_MAX_SIZE)
+ return -ENOMEM;
+
if (write) {
kbuf = memdup_user_nul(ubuf, count);
if (IS_ERR(kbuf)) {