s390/uaccess: fix strncpy_from_user/strnlen_user zero maxlen case

If the maximum length specified for the to be accessed string for strncpy_from_user() and strnlen_user() is zero the following incorrect values would be returned or incorrect memory accesses would happen: strnlen_user_std() and strnlen_user_pt() incorrectly return "1" strncpy_from_user_pt() would incorrectly access "dst[maxlen - 1]" strncpy_from_user_mvcos() would incorrectly return "-EFAULT" Fix all these oddities by adding early checks. Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
author: Heiko Carstens <heiko.carstens@de.ibm.com> 2013-02-21 16:30:42 +0400
committer: Martin Schwidefsky <schwidefsky@de.ibm.com> 2013-02-28 12:37:08 +0400
commit: f45655f6a65538237359abce55edab9cfcc6d82f (patch)
tree: bf392ffe658ae512ed992ff24a3b6f5a32c092f7 /arch/s390/lib/uaccess_std.c
parent: d7b788cd06a3080ebf0b2f5f2e008d4fda2b336e (diff)
download: linux-f45655f6a65538237359abce55edab9cfcc6d82f.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/s390/lib/uaccess_std.c b/arch/s390/lib/uaccess_std.c
index 6fbd06338270..79c6c7d76e08 100644
--- a/arch/s390/lib/uaccess_std.c
+++ b/arch/s390/lib/uaccess_std.c
@@ -188,6 +188,8 @@ size_t strnlen_user_std(size_t size, const char __user *src)
 	register unsigned long reg0 asm("0") = 0UL;
 	unsigned long tmp1, tmp2;
 
+	if (unlikely(!size))
+		return 0;
 	asm volatile(
 		"   la    %2,0(%1)\n"
 		"   la    %3,0(%0,%1)\n"
author	Heiko Carstens <heiko.carstens@de.ibm.com>	2013-02-21 16:30:42 +0400
committer	Martin Schwidefsky <schwidefsky@de.ibm.com>	2013-02-28 12:37:08 +0400
commit	f45655f6a65538237359abce55edab9cfcc6d82f (patch)
tree	bf392ffe658ae512ed992ff24a3b6f5a32c092f7 /arch/s390/lib/uaccess_std.c
parent	d7b788cd06a3080ebf0b2f5f2e008d4fda2b336e (diff)
download	linux-f45655f6a65538237359abce55edab9cfcc6d82f.tar.xz