This is CVE-2006-0555 and SGI bug 946529. A normal user can panic an
NFS client and cause a local DoS with 'judicious'(?) use of O_DIRECT.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
result = get_user_pages(current, current->mm, user_addr,
page_count, (rw == READ), 0,
*pages, NULL);
+ if (result >= 0 && result < page_count) {
+ nfs_free_user_pages(*pages, result, 0);
+ *pages = NULL;
+ result = -EFAULT;
+ }
up_read(¤t->mm->mmap_sem);
}
return result;