* Re: [tip:sched/numa 20/35] mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes
@ 2012-10-01 13:22 Peter Zijlstra
0 siblings, 0 replies; only message in thread
From: Peter Zijlstra @ 2012-10-01 13:22 UTC (permalink / raw)
To: kernel-janitors
On Fri, 2012-09-28 at 19:14 +0800, Fengguang Wu wrote:
> + mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes' 5 <= 5
---
Subject: mm, mpol: Fix buffer overflow in mpol_parse_str()
From: Peter Zijlstra <a.p.zijlstra@chello.nl>
Date: Mon Oct 01 15:12:16 CEST 2012
Wu reported a smatch error:
+ mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes' 5 <= 5
Fix it by growing the array to the right size, but avoid it being a
valid string for mpol_parse_str() because its not an effective policy.
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
---
mm/mempolicy.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -2514,7 +2514,8 @@ static const char * const policy_modes[]
[MPOL_PREFERRED] = "prefer",
[MPOL_BIND] = "bind",
[MPOL_INTERLEAVE] = "interleave",
- [MPOL_LOCAL] = "local"
+ [MPOL_LOCAL] = "local",
+ [MPOL_NOOP] = "noop", /* should not actually be used */
};
@@ -2565,7 +2566,7 @@ int mpol_parse_str(char *str, struct mem
break;
}
}
- if (mode >= MPOL_MAX)
+ if (mode >= MPOL_MAX || mode = MPOL_NOOP)
goto out;
switch (mode) {
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-10-01 13:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-01 13:22 [tip:sched/numa 20/35] mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes Peter Zijlstra
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox