Google Git
Sign in
coral/linux-imx/eceea0b3df05ed262ae32e0c6340cc7a3626632d^!/./kernel/sysctl.c
commit
eceea0b3df05ed262ae32e0c6340cc7a3626632d
[log]
author
Al Viro <viro@zeniv.linux.org.uk>
Sat May 10 10:08:32 2008 -0400
committer
Al Viro <viro@zeniv.linux.org.uk>
Fri May 16 17:22:52 2008 -0400
tree
73e5e33acace9187d5729a9a8c8ff53c3d720d52
parent
adbecb128cd2cc5d14b0ebef6d020ced0efd0ec6 [diff] [blame]
[PATCH] avoid multiplication overflows and signedness issues for max_fds

Limit sysctl_nr_open - we don't want ->max_fds to exceed MAX_INT and
we don't want size calculation for ->fd[] to overflow.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index d7ffdc5..2911665 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c

@@ -81,6 +81,7 @@
 extern int maps_protect;
 extern int sysctl_stat_interval;
 extern int latencytop_enabled;
+extern int sysctl_nr_open_min, sysctl_nr_open_max;
 
 /* Constants used for minimum and  maximum */
 #if defined(CONFIG_DETECT_SOFTLOCKUP) || defined(CONFIG_HIGHMEM)
@@ -1190,7 +1191,9 @@
 		.data		= &sysctl_nr_open,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
-		.proc_handler	= &proc_dointvec,
+		.proc_handler	= &proc_dointvec_minmax,
+		.extra1		= &sysctl_nr_open_min,
+		.extra2		= &sysctl_nr_open_max,
 	},
 	{
 		.ctl_name	= FS_DENTRY,