Skip to content

Commit

Permalink
iovec: make sure the caller actually wants anything in memcpy_fromiov…
Browse files Browse the repository at this point in the history 
…ecend

Check for cases when the caller requests 0 bytes instead of running off
and dereferencing potentially invalid iovecs.

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Sasha Levin authored and David S. Miller committed Aug 2, 2014
1 parent fcdfe3a commit 06ebb06
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lib/iovec.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,10 @@ EXPORT_SYMBOL(memcpy_toiovecend);
int memcpy_fromiovecend(unsigned char *kdata, const struct iovec *iov,
int offset, int len)
{
/* No data? Done! */
if (len == 0)
return 0;

/* Skip over the finished iovecs */
while (offset >= iov->iov_len) {
offset -= iov->iov_len;
Expand Down

0 comments on commit 06ebb06

Please sign in to comment.