2015-12-02 19:08:19

by Geyslan G. Bem

Subject: [PATCH] ia64: bitvector_process could read out of bounds

The units[] array could be accessed out of its bounds due the lack of
verification of the max vector value.

To make this function not prone to error "P" and "E" suffixes were added.
Despite the new suffixes are unrelated to current ia64 vm magnitudes, they
make the code ready for it and avoid misleadings.

Catched using static analysis (cppcheck).

Signed-off-by: Geyslan G. Bem <[email protected]>
---
arch/ia64/kernel/palinfo.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/ia64/kernel/palinfo.c b/arch/ia64/kernel/palinfo.c
index c39c3cd..160aba1 100644
--- a/arch/ia64/kernel/palinfo.c
+++ b/arch/ia64/kernel/palinfo.c
@@ -126,7 +126,7 @@ static const char *mem_attrib[]={
static void bitvector_process(struct seq_file *m, u64 vector)
{
int i,j;
- static const char *units[]={ "", "K", "M", "G", "T" };
+ static const char *units[] = { "", "K", "M", "G", "T", "P", "E" };

for (i=0, j=0; i < 64; i++ , j=i/10) {
if (vector & 0x1)
--
2.6.2

2015-12-07 10:07:22

by Peter Senna Tschudin

Subject: Re: [PATCH] ia64: bitvector_process could read out of bounds

On Wed, Dec 2, 2015 at 8:07 PM, Geyslan G. Bem <[email protected]> wrote:
> The units[] array could be accessed out of its bounds due the lack of
> verification of the max vector value.
>
> To make this function not prone to error "P" and "E" suffixes were added.
> Despite the new suffixes are unrelated to current ia64 vm magnitudes, they
> make the code ready for it and avoid misleadings.

I would mention that you also fix some white space issues, but other than that:

Acked-by: Peter Senna Tschudin <[email protected]>
>
> Catched using static analysis (cppcheck).
>
> Signed-off-by: Geyslan G. Bem <[email protected]>

> ---
> arch/ia64/kernel/palinfo.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/ia64/kernel/palinfo.c b/arch/ia64/kernel/palinfo.c
> index c39c3cd..160aba1 100644
> --- a/arch/ia64/kernel/palinfo.c
> +++ b/arch/ia64/kernel/palinfo.c
> @@ -126,7 +126,7 @@ static const char *mem_attrib[]={
> static void bitvector_process(struct seq_file *m, u64 vector)
> {
> int i,j;
> - static const char *units[]={ "", "K", "M", "G", "T" };
> + static const char *units[] = { "", "K", "M", "G", "T", "P", "E" };
>
> for (i=0, j=0; i < 64; i++ , j=i/10) {
> if (vector & 0x1)
> --
> 2.6.2
>



--
Peter