diff options
author | Ralf Baechle <ralf@linux-mips.org> | 2006-02-19 03:42:11 (GMT) |
---|---|---|
committer | Ralf Baechle <ralf@linux-mips.org> | 2006-02-21 16:58:23 (GMT) |
commit | f3468e0c34c8de919062582575a01e2434c8e727 (patch) | |
tree | cb21a54f7b04e1408ea23016066c4c55aa3620cd /arch/mips | |
parent | 82ad93f4a002294820e9a5e6f84beef2222a54b7 (diff) | |
download | linux-fsl-qoriq-f3468e0c34c8de919062582575a01e2434c8e727.tar.xz |
[MIPS] N32: Make sure pointer is good before passing it to sys_waitid().
After all we're calling sys_waitid() with fs set to KERNEL_DS ...
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Diffstat (limited to 'arch/mips')
-rw-r--r-- | arch/mips/kernel/linux32.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c index 9996b6e..5f68b22 100644 --- a/arch/mips/kernel/linux32.c +++ b/arch/mips/kernel/linux32.c @@ -230,6 +230,9 @@ sysn32_waitid(int which, compat_pid_t pid, long ret; mm_segment_t old_fs = get_fs(); + if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) + return -EFAULT; + set_fs (KERNEL_DS); ret = sys_waitid(which, pid, uinfo, options, uru ? (struct rusage __user *) &ru : NULL); |