nfsd: don't allow zero length strings in cache_parse()

author Dan Carpenter <dan.carpenter@oracle.com>

Wed, 18 Jan 2012 09:56:02 +0000 (12:56 +0300)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Mon, 2 Apr 2012 16:53:10 +0000 (09:53 -0700)
author Dan Carpenter <dan.carpenter@oracle.com>
Wed, 18 Jan 2012 09:56:02 +0000 (12:56 +0300)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 2 Apr 2012 16:53:10 +0000 (09:53 -0700)
diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c

index 72ad836..4530a91 100644 (file)
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -828,6 +828,8 @@ static ssize_t cache_do_downcall(char *kaddr, const char __user *buf,
  {
         ssize_t ret;
  
+       if (count == 0)
+               return -EINVAL;
         if (copy_from_user(kaddr, buf, count))
                 return -EFAULT;
         kaddr[count] = '\0';
author	Dan Carpenter <dan.carpenter@oracle.com>
	Wed, 18 Jan 2012 09:56:02 +0000 (12:56 +0300)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 2 Apr 2012 16:53:10 +0000 (09:53 -0700)