diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2020-06-11 01:05:54 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-06-11 01:05:54 +0200 |
commit | 1c3837266214c1e6fbbb96ff36bee13e923057d8 (patch) | |
tree | df8455bbecf61d15adb4466b920c28e847a593d3 /fs | |
parent | Merge branch 'uaccess.i915' of git://git.kernel.org/pub/scm/linux/kernel/git/... (diff) | |
parent | sysctl: reject gigantic reads/write to sysctl files (diff) | |
download | linux-1c3837266214c1e6fbbb96ff36bee13e923057d8.tar.xz linux-1c3837266214c1e6fbbb96ff36bee13e923057d8.zip |
Merge branch 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull sysctl fixes from Al Viro:
"Fixups to regressions in sysctl series"
* 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
sysctl: reject gigantic reads/write to sysctl files
cdrom: fix an incorrect __user annotation on cdrom_sysctl_info
trace: fix an incorrect __user annotation on stack_trace_sysctl
random: fix an incorrect __user annotation on proc_do_entropy
net/sysctl: remove leftover __user annotations on neigh_proc_dointvec*
net/sysctl: use cpumask_parse in flow_limit_cpu_sysctl
Diffstat (limited to 'fs')
-rw-r--r-- | fs/proc/proc_sysctl.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 5b405f32971d..42c5128c7d1c 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -565,6 +565,10 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *ubuf, if (!table->proc_handler) goto out; + /* don't even try if the size is too large */ + if (count > KMALLOC_MAX_SIZE) + return -ENOMEM; + if (write) { kbuf = memdup_user_nul(ubuf, count); if (IS_ERR(kbuf)) { |