On 01/30, Andrew Morton wrote:
>
> @@ -1705,18 +1704,38 @@ static int _proc_do_string(void* data, i
> ((char *) data)[len] = 0;
> *ppos += *lenp;
> } else {
> - len = strlen(data);
> + loff_t pos = *ppos;
> + const size_t slen = strlen(data);
> +
> + /*
> + * len is the amount of data to copy, and becomes the amount of
> + * data which was copied
> + */
> + len = slen;
> + if (pos > len) {
> + *lenp = 0;
> + return 0;
> + }
> if (len > maxlen)
> len = maxlen;
> if (len > *lenp)
> len = *lenp;
> - if (len)
> - if(copy_to_user(buffer, data, len))
> - return -EFAULT;
> - if (len < *lenp) {
> - if(put_user('\n', ((char __user *) buffer) + len))
> + /* Don't copy past the end of the string */
> + if (len > slen - pos)
> + len = slen - pos;
> + data += pos;
> + /* Copy as much of the string as we can */
> + if (len) {
> + if (copy_to_user(buffer, data, len))
> return -EFAULT;
> - len++;
> + }
> + /* If we copied the whole string, now write a \n */
> + if (len + pos == slen) {
> + if (len + pos < maxlen) {
^^^^^^^^^^^^^^^^^^^^^^^
Shouldn't this be
if (len < *lenp)
?
> + if (put_user('\n', (char __user *)buffer + len))
> + return -EFAULT;
> + len++;
> + }
> }
> *lenp = len;
> *ppos += len;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
