renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-06 12:44:14 +08:00
Code

tty/vt: check allocation size in con_set_unimap()

Browse Source 
The vmemdup_user() function has no 2-factor argument form. Use array_size()
to check for the overflow.

Signed-off-by: Denis Efremov <efremov@linux.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20200603102804.2110817-1-efremov@linux.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Denis Efremov 2020-06-03 13:28:04 +03:00 committed by Greg Kroah-Hartman
parent 5ba1278787
commit 5de30b286e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/tty/vt/consolemap.c
View File

@ -542,7 +542,7 @@ int con_set_unimap(struct vc_data *vc, ushort ct, struct unipair __user *list)
if (!ct)
return 0;
unilist = vmemdup_user(list, ct * sizeof(struct unipair));
unilist = vmemdup_user(list, array_size(sizeof(struct unipair), ct));
if (IS_ERR(unilist))
return PTR_ERR(unilist);