From 1dc5214aa9c92a577974c73872bd77803167e6e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20L=C3=B6pke?= <loepke@edfritsch.de> Date: Sun, 1 May 2016 14:31:16 +0200 Subject: [PATCH] Fixed security vulnerability if writing unterminated max length string. --- 20160425/chardev-1write.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/20160425/chardev-1write.c b/20160425/chardev-1write.c index bb6c15e..bd24f06 100644 --- a/20160425/chardev-1write.c +++ b/20160425/chardev-1write.c @@ -183,7 +183,7 @@ device_write(struct file *filp, const char *buff, size_t len, loff_t * off) /* Since nobody wants to read I have to correct the already told you counter! */ told_you_counter--; - if(len > USERBUF_LEN) { + if(len >= USERBUF_LEN) { printk( KERN_WARNING "%s: Sorry, your input is too long. Max %d allowed!\n", DEVICE_NAME, -- GitLab