
Re: memmove issues

To: Rajagopal Ananthanarayanan <ananth@xxxxxxx>
Subject: Re: memmove issues
From: Ralf Baechle <ralf@xxxxxxxxxxx>
Date: Wed, 6 Dec 2000 02:03:07 +0100
Cc: linux-origin@xxxxxxxxxxx
In-reply-to: <3A2D84A8.1BF555F1@xxxxxxx>; from ananth@xxxxxxx on Tue, Dec 05, 2000 at 04:13:28PM -0800
References: <3A2D84A8.1BF555F1@xxxxxxx>
Sender: owner-linux-origin@xxxxxxxxxxx

On Tue, Dec 05, 2000 at 04:13:28PM -0800, Rajagopal Ananthanarayanan wrote:

> In porting XFS to mips64 I ran into a problem where if memmove is called
> with zero length, the code gets into a bogus loop. Ideally, memmove with
> zero length should be a no-op ...
>
> Is it possible to fix this in MIPS64 so we don't have to work-around this
> problem in XFS?
> 
> Also, memset & memcpy should also behave similarly --- if called with zero
> length then it should be a no-op.

memcpy, memmove and __copy_{to,from}_user are all unified in one fat
routine, so fixing one will fix all of them.

The bug fix is critical because via copy_{to,from}_user functions that
can be turned into an exploitable DoS attack.  32-bit kernel is also
affected.

memset & clear_user should already handle the zero length problem correctly.

  Ralf
