Commit-ID: b9fb9910378947a2b7d58ca75d805b907929e001
Gitweb: http://git.kernel.org/tip/b9fb9910378947a2b7d58ca75d805b907929e001
Author: Peter Zijlstra <[email protected]>
AuthorDate: Mon, 1 Oct 2012 15:12:16 +0200
Committer: Ingo Molnar <[email protected]>
CommitDate: Fri, 5 Oct 2012 14:00:30 +0200
mm/mpol: Fix potential buffer overflow in mpol_parse_str()
Wu reported an Smatch error:
+ mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes' 5 <= 5
Fix it by growing the array to the right size, but avoid it being a
valid string for mpol_parse_str() because its not an effective policy.
Reported-by: Fengguang Wu <[email protected]>
Signed-off-by: Peter Zijlstra <[email protected]>
Cc: Andrew Morton <[email protected]>
Link: http://lkml.kernel.org/n/[email protected]
Signed-off-by: Ingo Molnar <[email protected]>
---
mm/mempolicy.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 7b4ff19..e59756a 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -2514,7 +2514,8 @@ static const char * const policy_modes[] =
[MPOL_PREFERRED] = "prefer",
[MPOL_BIND] = "bind",
[MPOL_INTERLEAVE] = "interleave",
- [MPOL_LOCAL] = "local"
+ [MPOL_LOCAL] = "local",
+ [MPOL_NOOP] = "noop", /* should not actually be used */
};
@@ -2565,7 +2566,7 @@ int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
break;
}
}
- if (mode >= MPOL_MAX)
+ if (mode >= MPOL_MAX || mode == MPOL_NOOP)
goto out;
switch (mode) {