Re: AUDIT: copy_from_user is a deathtrap.

Rusty Russell (rusty@rustcorp.com.au)
Fri, 17 May 2002 22:21:45 +1000

In message <E178gfl-0006Ip-00@the-village.bc.nu> you write:
> > > I would much rather fix these instances than add yet another
> > > interface.
> >
> > I'll accept that if someone's volunteering to audit the kernel for
> > them every six months.
> >
> > Sorry I wasn't clear: I'm saying *replace*, not add,
>
> Replace requires you audit every single use, and then work out how to
> handle those that do care about the length and the point it faulted.

Read my original post. I have done this.

> From what I've seen of the stuff that has been fixed we have a mix
> of the following
>
> 1. Misports of ancient verify_* code - eg the serial ones
> 2. Not checking the return code - 100% legal and standards compliant

No, the 400+ are all of form:

/* of course this returns 0 or -EFAULT! */
return copy_from_user(xxx);

Rusty.

--
  Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/