From bc9d7fd6b38dbe4da110a2e2f75fb6451a24af80 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20L=C3=B6pke?= <loepke@edfritsch.de>
Date: Mon, 9 May 2016 07:33:45 +0200
Subject: [PATCH] Added error handling in chardev_write if faulty memory is
 given.

---
 20160425/chardev-1write.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/20160425/chardev-1write.c b/20160425/chardev-1write.c
index 1f2701e..f592326 100644
--- a/20160425/chardev-1write.c
+++ b/20160425/chardev-1write.c
@@ -192,10 +192,16 @@ device_write(struct file *filp, const char *buff, size_t len, loff_t * off)
         }
         else {
 		int i;
-		for(i = 0; i < len; i++) //Save the given string
-			get_user(msg_username[i], buff + i);			
+		for(i = 0; i < len; i++) {//Save the given string
+			if(get_user(msg_username[i], buff + i) < 0) { //If returning error code
+        printk(KERN_WARNING "%s: You want to play a trick on me! This memory does not belong to you!\n",
+               DEVICE_NAME);
+        return -EFAULT; //Stop reading from userspace.
+			}
+						
 			//msg_username[i] = buff[i]; //Heres was the CRASH
-			//printk(KERN_INFO "Got %c at %d from %d bytes.\n", buff[i], i, (int)len);
+			//printk(KERN_INFO "Got %c at %d from %d bytes.\n", buff[i], i, len);
+		}
 		for(i = len; i < USERBUF_LEN; i++) //Zeroing the rest of mem
 			msg_username[i] = 0;
 		printk(KERN_INFO "%s: Successfully got %d bytes!\n",
-- 
GitLab