From: Jesper Juhl akpm: It's a bit debatable. The user passed in a buffer of a particular size, and we successfully sopied the LDT info into it, but we got a fault when clearing out the rest of the user's buffer. Is that worth a -EFAULT? I suppose so... Signed-off-by: Jesper Juhl Signed-off-by: Andrew Morton --- 25-akpm/arch/i386/kernel/ldt.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-) diff -puN arch/i386/kernel/ldt.c~read_ldt-neglects-to-check-clear_user-return-value arch/i386/kernel/ldt.c --- 25/arch/i386/kernel/ldt.c~read_ldt-neglects-to-check-clear_user-return-value Mon Aug 30 16:15:53 2004 +++ 25-akpm/arch/i386/kernel/ldt.c Mon Aug 30 16:15:53 2004 @@ -142,12 +142,17 @@ static int read_ldt(void __user * ptr, u err = -EFAULT; up(&mm->context.sem); if (err < 0) - return err; + goto error_return; if (size != bytecount) { /* zero-fill the rest */ - clear_user(ptr+size, bytecount-size); + if (clear_user(ptr+size, bytecount-size) != 0) { + err = -EFAULT; + goto error_return; + } } return bytecount; +error_return: + return err; } static int read_default_ldt(void __user * ptr, unsigned long bytecount) _