atm: iphase: Avoid copying pointers to user space.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Remove the MEMDUMP_DEV case in ia_ioctl to avoid copy
pointers to user space.

Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Fuqian Huang and committed by

David S. Miller 7 years ago 55c0dd8a 7fecf0a1

-6

1 changed file

expand all

drivers

atm

iphase.c

-6

drivers/atm/iphase.c

··· 2767 2767 case MEMDUMP: 2768 2768 { 2769 2769 switch (ia_cmds.sub_cmd) { 2770 - case MEMDUMP_DEV: 2771 - if (!capable(CAP_NET_ADMIN)) return -EPERM; 2772 - if (copy_to_user(ia_cmds.buf, iadev, sizeof(IADEV))) 2773 - return -EFAULT; 2774 - ia_cmds.status = 0; 2775 - break; 2776 2770 case MEMDUMP_SEGREG: 2777 2771 if (!capable(CAP_NET_ADMIN)) return -EPERM; 2778 2772 tmps = (u16 __user *)ia_cmds.buf;