linux-stable-rt/fs
Markus Armbruster b32a09db4f add match_strlcpy() us it to make v9fs make uname and remotename parsing more robust
match_strcpy() is a somewhat creepy function: the caller needs to make sure
that the destination buffer is big enough, and when he screws up or
forgets, match_strcpy() happily overruns the buffer.

There's exactly one customer: v9fs_parse_options().  I believe it currently
can't overflow its buffer, but that's not exactly obvious.

The source string is a substing of the mount options.  The kernel silently
truncates those to PAGE_SIZE bytes, including the terminating zero.  See
compat_sys_mount() and do_mount().

The destination buffer is obtained from __getname(), which allocates from
name_cachep, which is initialized by vfs_caches_init() for size PATH_MAX.

We're safe as long as PATH_MAX <= PAGE_SIZE.  PATH_MAX is 4096.  As far as
I know, the smallest PAGE_SIZE is also 4096.

Here's a patch that makes the code a bit more obviously correct.  It
doesn't depend on PATH_MAX <= PAGE_SIZE.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Cc: Latchesar Ionkov <lucho@ionkov.net>
Cc: Jim Meyering <meyering@redhat.com>
Cc: "Randy.Dunlap" <rdunlap@xenotime.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2008-05-14 19:23:25 -05:00
..
9p add match_strlcpy() us it to make v9fs make uname and remotename parsing more robust 2008-05-14 19:23:25 -05:00
adfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
affs [PATCH] fix reservation discarding in affs 2008-05-06 13:45:33 -04:00
afs afs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
autofs
autofs4 autofs: path_{get,put}() cleanups 2008-05-01 08:04:01 -07:00
befs befs: fix sparse warning in linuxvfs.c 2008-04-29 08:05:59 -07:00
bfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
cifs [CIFS] don't allow demultiplex thread to exit until kthread_stop is called 2008-05-11 17:45:44 +00:00
coda codafs: fix build warning 2008-04-29 08:06:04 -07:00
configfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
cramfs
debugfs DEBUGFS: Correct location of debugfs API documentation. 2008-04-30 16:52:47 -07:00
devpts devpts: factor out PTY index allocation 2008-04-30 08:29:48 -07:00
dlm fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ecryptfs eCryptFS: fix imbalanced mutex locking 2008-05-13 08:02:26 -07:00
efs
exportfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ext2
ext3 ext3: fix test ext_generic_write_end() copied return value 2008-04-29 22:01:27 -04:00
ext4 Fix misuses of bdevname() 2008-05-13 08:02:26 -07:00
fat fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
freevxfs fs/freevxfs/: proper externs 2008-04-29 08:06:00 -07:00
fuse fuse: add flag to turn on big writes 2008-05-13 08:02:26 -07:00
gfs2 fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
hfs hfs: fix warning with 64k PAGE_SIZE 2008-04-30 08:29:52 -07:00
hfsplus Fix hfsplus oops on image without extents 2008-05-13 08:02:24 -07:00
hostfs
hpfs
hppfs uml: move hppfs_kern.c to hppfs.c 2008-05-13 08:02:21 -07:00
hugetlbfs mm: bdi: add separate writeback accounting capability 2008-04-30 08:29:50 -07:00
isofs isofs: fix access to unallocated memory when reading corrupted filesystem 2008-04-30 08:29:33 -07:00
jbd jbd: replace remaining __FUNCTION__ occurrences 2008-04-28 08:58:45 -07:00
jbd2 Fix misuses of bdevname() 2008-05-13 08:02:26 -07:00
jffs2 Merge git://git.infradead.org/mtd-2.6 2008-05-01 11:15:28 -07:00
jfs proc: remove proc_root_fs 2008-04-29 08:06:18 -07:00
lockd fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
minix
msdos fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ncpfs ncpfs: use get/put_unaligned_* helpers 2008-04-29 08:06:28 -07:00
nfs mm: bdi: expose the BDI object in sysfs for NFS 2008-04-30 08:29:49 -07:00
nfs_common
nfsd fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
nls
ntfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ocfs2 ocfs2: Use GFP_NOFS in kmalloc during localalloc window move 2008-04-30 17:09:58 -07:00
openpromfs
partitions fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
proc capabilities: add bounding set to /proc/self/status 2008-05-13 08:02:24 -07:00
qnx4
ramfs mm: bdi: add separate writeback accounting capability 2008-04-30 08:29:50 -07:00
reiserfs reiserfs: use open_bdev_excl 2008-04-30 08:29:51 -07:00
romfs
smbfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
sysfs sysfs: Disallow truncation of files in sysfs 2008-04-30 16:52:46 -07:00
sysv sysv: [bl]e*_add_cpu conversion 2008-04-30 08:29:52 -07:00
udf Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-udf-2.6 2008-05-08 10:48:03 -07:00
ufs ufs: remove unneeded ufs_put_inode prototype 2008-05-13 08:02:23 -07:00
vfat fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
xfs [XFS] Include linux/random.h in all builds, not just debug. 2008-04-30 07:53:50 -07:00
Kconfig [S390] System z large page support. 2008-04-30 13:38:47 +02:00
Kconfig.binfmt make BINFMT_FLAT a bool 2008-04-29 08:06:01 -07:00
Makefile
aio.c debugobjects: add timer specific object debugging code 2008-04-30 08:29:53 -07:00
anon_inodes.c [PATCH] sanitize anon_inode_getfd() 2008-05-01 13:08:50 -04:00
attr.c
bad_inode.c
binfmt_aout.c fs/binfmt_aout.c: use printk_ratelimit() 2008-04-29 08:06:04 -07:00
binfmt_elf.c elf: fix shadowed variables in fs/binfmt_elf.c 2008-04-29 08:06:16 -07:00
binfmt_elf_fdpic.c fdpic: check that the size returned by kernel_read() is what we asked for 2008-04-29 08:06:05 -07:00
binfmt_em86.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_flat.c procfs task exe symlink 2008-04-29 08:06:17 -07:00
binfmt_misc.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_script.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_som.c
bio.c docbook: fix bio missing parameter 2008-05-07 18:35:03 +02:00
block_dev.c
buffer.c fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
char_dev.c fs: remove unused fops from struct char_device_struct 2008-04-29 08:06:01 -07:00
compat.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
compat_binfmt_elf.c
compat_ioctl.c tty: The big operations rework 2008-04-30 08:29:47 -07:00
dcache.c
dcookies.c
direct-io.c
dnotify.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
dquot.c quota: don't call sync_fs() from vfs_quota_off() when there's no quota turn off 2008-05-13 08:02:23 -07:00
drop_caches.c vfs: skip inodes without pages to free in drop_pagecache_sb() 2008-04-29 08:06:05 -07:00
eventfd.c [PATCH] sanitize anon_inode_getfd() 2008-05-01 13:08:50 -04:00
eventpoll.c [PATCH] sanitize anon_inode_getfd() 2008-05-01 13:08:50 -04:00
exec.c memcg: fix possible panic when CONFIG_MM_OWNER=y 2008-05-13 08:02:25 -07:00
fcntl.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
fifo.c
file.c [PATCH] fix sysctl_nr_open bugs 2008-05-01 13:08:57 -04:00
file_table.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
filesystems.c
fs-writeback.c fs/fs-writeback.c: make 2 functions static 2008-04-29 08:06:00 -07:00
generic_acl.c
inode.c VFS: fix unused variable warning 2008-05-06 13:13:37 -07:00
inotify.c
inotify_user.c Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
internal.h
ioctl.c make vfs_ioctl() static 2008-04-29 08:06:00 -07:00
ioprio.c
libfs.c
locks.c Add new 'cond_resched_bkl()' helper function 2008-05-11 16:04:48 -07:00
mbcache.c
mpage.c
namei.c cgroups: implement device whitelist 2008-04-29 08:06:09 -07:00
namespace.c fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
nfsctl.c
no-block.c
open.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
pipe.c sys_pipe(): fix file descriptor leaks 2008-05-08 10:46:56 -07:00
pnode.c
pnode.h
posix_acl.c
quota.c
quota_v1.c
quota_v2.c quota: le*_add_cpu conversion 2008-04-30 08:29:51 -07:00
read_write.c
read_write.h
readdir.c
select.c [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
seq_file.c
signalfd.c [PATCH] sanitize anon_inode_getfd() 2008-05-01 13:08:50 -04:00
splice.c Revert "relay: fix splice problem" 2008-05-08 14:06:19 +02:00
stack.c
stat.c
super.c make __put_super() static 2008-04-29 08:06:00 -07:00
sync.c vfs: fix unconditional write_super() call in file_fsync() 2008-04-29 08:06:06 -07:00
timerfd.c [PATCH] sanitize anon_inode_getfd() 2008-05-01 13:08:50 -04:00
utimes.c vfs: fix permission checking in sys_utimensat 2008-05-01 08:03:59 -07:00
xattr.c xattr: add missing consts to function arguments 2008-04-29 08:06:06 -07:00
xattr_acl.c