Re: [Oops 1/2]Something wrong with copy_from_user() function

From: Jiri Kosina
Date: Sat Apr 30 2011 - 17:13:17 EST

Next message: Pali RohÃr: "[PATCH] bq27x00_battery: Name of cycle count property"
Previous message: Cedric Sodhi: "Status of vgaswitcheroo - Devastating!"
In reply to: Andy Lutomirski: "Re: [Oops 1/2]Something wrong with copy_from_user() function"
Next in thread: Harry Wei: "Re: [Oops 1/2]Something wrong with copy_from_user() function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 30 Apr 2011, Harry Wei wrote:

> Hi us,
> When i was compiling 2.6.38.2 kernel. Something wrong happend to me.
> It shows like following.
>
> [...]
> Warning: call to 'copy_from_user_overflow' declared with attribute warning:
> copy_from_user buffer size is not provably correct.
> [...]
>
> See http://s1202.photobucket.com/albums/bb364/harrywei/Kernel/?action=view&current=report_bug.png for details.
> I tried to fix this warning, but i don't know how to deal with
> it. Can anyone help me.

wpa_set_keys() function (from staging drivers) in your kernel uses
copy_from_user() without proper bounds checking, and thus can overflow and
corrupt memory.

--
Jiri Kosina
SUSE Labs, Novell Inc.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pali RohÃr: "[PATCH] bq27x00_battery: Name of cycle count property"
Previous message: Cedric Sodhi: "Status of vgaswitcheroo - Devastating!"
In reply to: Andy Lutomirski: "Re: [Oops 1/2]Something wrong with copy_from_user() function"
Next in thread: Harry Wei: "Re: [Oops 1/2]Something wrong with copy_from_user() function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]