Skip to content

Commit

Permalink
ipc/shm: Fix order of parameters when calling copy_compat_shmid_to_user
Browse files Browse the repository at this point in the history 
Commit 553f770 ("ipc: move compat shmctl to native") moved the
compat IPC syscall handling into ipc/shm.c and refactored the struct
accessors in the process. Unfortunately, the call to
copy_compat_shmid_to_user when handling a compat {IPC,SHM}_STAT command
gets the arguments the wrong way round, passing a kernel stack address
as the user buffer (destination) and the user buffer as the kernel stack
address (source).

This patch fixes the parameter ordering so the buffers are accessed
correctly.

Cc: Al Viro <[email protected]>
Cc: Andrew Morton <[email protected]>
Signed-off-by: Will Deacon <[email protected]>
Signed-off-by: Al Viro <[email protected]>
  • Loading branch information
@wildea01
wildea01 authored and Al Viro committed Sep 21, 2017
1 parent a90bcb8 commit 58aff0a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ipc/shm.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1237,7 +1237,7 @@ COMPAT_SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, void __user *, uptr)
err = shmctl_stat(ns, shmid, cmd, &sem64);
if (err < 0)
return err;
if (copy_compat_shmid_to_user(&sem64, uptr, version))
if (copy_compat_shmid_to_user(uptr, &sem64, version))
err = -EFAULT;
return err;

Expand Down

0 comments on commit 58aff0a

Please sign in to comment.