leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

USB: usbtmc: inhibit corruption

Browse Source 
Limit data copied to userspace to amount requested.  Prevents a faulty
instrument from overwriting user memory.

Signed-off-by: Steve Holland <sdh4@iastate.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This commit is contained in:
Steve Holland 2009-06-18 17:37:49 -05:00 committed by Greg Kroah-Hartman
parent c2cd26e15b
commit 92d07e422d
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
drivers/usb/class/usbtmc.c
View File

@ -473,6 +473,10 @@ static ssize_t usbtmc_read(struct file *filp, char __user *buf,
n_characters = this_part; n_characters = this_part;
} }
/* Bound amount of data received by amount of data requested */
if (n_characters > this_part)
n_characters = this_part;
/* Copy buffer to user space */ /* Copy buffer to user space */
if (copy_to_user(buf + done, &buffer[12], n_characters)) { if (copy_to_user(buf + done, &buffer[12], n_characters)) {
/* There must have been an addressing problem */ /* There must have been an addressing problem */