iovec: make sure the caller actually wants anything in memcpy_fromiovecend
[ Upstream commit 06ebb06d49486676272a3c030bfeef4bd969a8e6 ] Check for cases when the caller requests 0 bytes instead of running off and dereferencing potentially invalid iovecs. Signed-off-by: Sasha Levin <sasha.levin@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Sasha Levin
committed by
Greg Kroah-Hartman
Greg Kroah-Hartman
parent
c290a4ef1f
commit
9d868b94a6
@@ -107,6 +107,10 @@ EXPORT_SYMBOL(memcpy_toiovecend);
|
||||
int memcpy_fromiovecend(unsigned char *kdata, const struct iovec *iov,
|
||||
int offset, int len)
|
||||
{
|
||||
/* No data? Done! */
|
||||
if (len == 0)
|
||||
return 0;
|
||||
|
||||
/* Skip over the finished iovecs */
|
||||
while (offset >= iov->iov_len) {
|
||||
offset -= iov->iov_len;
|
||||
|
||||
Reference in New Issue
Block a user