> + if (ncmds <= 0 || !cmds) > + return -EINVAL; > + cmd_size = sizeof(struct epoll_ctl_cmd) * ncmds; > + kcmds = kmalloc(cmd_size, GFP_KERNEL); You should probably fix the integer overflow in the calculation of the cmd_size variable, unless you like root vulnerabilities.
-- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
