forge/linux-pinenote
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linux-pinenote/fs/notify
History
Al Viro 3587b1b097 fanotify: fix FAN_Q_OVERFLOW case of fanotify_read() 
If the FAN_Q_OVERFLOW bit set in event->mask, the fanotify event
metadata will not contain a valid file descriptor, but
copy_event_to_user() didn't check for that, and unconditionally does a
fd_install() on the file descriptor.

Which in turn will cause a BUG_ON() in __fd_install().

Introduced by commit 352e3b2492 ("fanotify: sanitize failure exits in
copy_event_to_user()")

Mea culpa - missed that path ;-/

Reported-by: Alex Shi <lkml.alex@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-11-18 09:30:00 -10:00
..
dnotify
fanotify fanotify: fix FAN_Q_OVERFLOW case of fanotify_read() 2012-11-18 09:30:00 -10:00
inotify switch simple cases of fget_light to fdget 2012-09-26 22:20:08 -04:00
fsnotify.c vfs: switch i_dentry/d_alias to hlist 2012-07-14 16:32:55 +04:00
fsnotify.h
group.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inode_mark.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
Kconfig
Makefile
mark.c fsnotify: don't BUG in fsnotify_destroy_mark() 2012-01-14 18:01:42 -08:00
notification.c fs/notify/notification.c: make subsys_initcall function static 2012-03-23 16:58:31 -07:00
vfsmount_mark.c vfs: move fsnotify junk to struct mount 2012-01-03 22:57:12 -05:00