Public bug reported:

perf_event_period (called when requesting the PERF_EVENT_IOC_PERIOD on a perf_event fd) incorrectly checks the results of copy_from_user. Instead of checking that the call succeeded (return value == 0), it checks if the return value is the size of the data structure and returns -EFAULT in that case. This has the effect of causing the ioctl to fail for valid input data and might cause it to succeed for invalid input data, causing unpredictable values to be stored into the internal perf struct.
This bug has been fixed in later upstream kernels, but not in the 2.6.32 series.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Confirmed

https://bugs.launchpad.net/bugs/1034010

Title:
  Incorrect check when executing copy_from_user in perf_event_period
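
The return-value convention behind this report, as an added example that is not part of the original bug report and is not the kernel's own code. It is a userspace model: `model_copy_from_user`, `period_buggy` and `period_fixed` are hypothetical names, and the buggy comparison (`!= sizeof(value)`) is an assumption chosen because it reproduces both effects the report names.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace stand-in for copy_from_user(): returns the number of bytes that
 * could NOT be copied, so 0 means success. A NULL source models an
 * unreadable user pointer (constructed for this example). */
static unsigned long model_copy_from_user(void *dst, const void *src,
                                          unsigned long n)
{
    if (src == NULL)
        return n;               /* nothing copied, destination untouched */
    memcpy(dst, src, n);
    return 0;
}

/* Assumed buggy form: treats the return value as "bytes copied". */
int period_buggy(uint64_t *period, const uint64_t *arg)
{
    /* Sentinel stands in for whatever the stack slot happened to hold. */
    uint64_t value = 0xdeadbeefdeadbeefULL;
    unsigned long size = model_copy_from_user(&value, arg, sizeof(value));
    if (size != sizeof(value))
        return -EFAULT;         /* taken on success, where size == 0 */
    *period = value;            /* reached only when nothing was copied */
    return 0;
}

/* Corrected form: any non-zero return means the copy failed. */
int period_fixed(uint64_t *period, const uint64_t *arg)
{
    uint64_t value;
    if (model_copy_from_user(&value, arg, sizeof(value)))
        return -EFAULT;
    *period = value;
    return 0;
}

int main(void)
{
    uint64_t good = 4000, p = 0;    /* constructed sample period */
    printf("buggy, valid pointer: %d\n", period_buggy(&p, &good));
    printf("buggy, bad pointer:   %d\n", period_buggy(&p, NULL));
    printf("fixed, valid pointer: %d\n", period_fixed(&p, &good));
    printf("fixed, bad pointer:   %d\n", period_fixed(&p, NULL));
    return 0;
}
```

When auditing other call sites for the same mistake, look for a `copy_from_user` result being stored in a size variable or compared against anything other than zero.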