netfilter: ipt_CLUSTERIP: fix buffer overflow

[linux-flexiantxendom0-natty.git] / net / ipv4 / netfilter / ipt_CLUSTERIP.c

diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index 1e26a48..af7dec6 100644 (file)
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -669,8 +669,11 @@ static ssize_t clusterip_proc_write(struct file *file, const char __user *input,
        char buffer[PROC_WRITELEN+1];
        unsigned long nodenum;
 
-       if (copy_from_user(buffer, input, PROC_WRITELEN))
+       if (size > PROC_WRITELEN)
+               return -EIO;
+       if (copy_from_user(buffer, input, size))
                return -EFAULT;
+       buffer[size] = 0;
 
        if (*buffer == '+') {
                nodenum = simple_strtoul(buffer+1, NULL, 10);