From: Mike Waychison <mikew@google.com>
Date: Wed, 5 Oct 2011 00:43:42 +0000 (+1100)
Subject: oprofilefs: handle zero-length writes
X-Git-Tag: next-20111013~1^2~72
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=2568923c43c7eb8a4b1bb9d50c34daca54f1200c;p=karo-tx-linux.git

oprofilefs: handle zero-length writes

Currently in oprofilefs, files that use ulong_fops mis-handle writes of
zero length.  A count of 0 causes oprofilefs_ulong_from_user to return 0
(success), which then leads to oprofile_set_ulong being called to stuff
"value" into file->private_data without it being initialized.

Fix this by moving the check for a zero-length write up into
ulong_write_file.

Signed-off-by: Mike Waychison <mikew@google.com>
Cc: Robert Richter <robert.richter@amd.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

diff --git a/drivers/oprofile/oprofilefs.c b/drivers/oprofile/oprofilefs.c
index d0de6cc2d7a5..87506ecdd942 100644
--- a/drivers/oprofile/oprofilefs.c
+++ b/drivers/oprofile/oprofilefs.c
@@ -65,9 +65,6 @@ int oprofilefs_ulong_from_user(unsigned long *val, char const __user *buf, size_
 	char tmpbuf[TMPBUFSIZE];
 	unsigned long flags;
 
-	if (!count)
-		return 0;
-
 	if (count > TMPBUFSIZE - 1)
 		return -EINVAL;
 
@@ -97,6 +94,8 @@ static ssize_t ulong_write_file(struct file *file, char const __user *buf, size_
 
 	if (*offset)
 		return -EINVAL;
+	if (count == 0)
+		return 0;
 
 	retval = oprofilefs_ulong_from_user(&value, buf, count);
 	if (retval)