lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Aug 2012 18:47:54 -0600 From: T Makphaibulchoke <tmac@...com> To: akpm@...ux-foundation.org, linuxram@...ibm.com, paul.gortmaker@...driver.com, weiyang@...ux.vnet.ibm.com, linux-kernel@...r.kernel.org Cc: T Makphaibulchoke <tmac@...com> Subject: [PATCH] kernel/resource.c: fix stack overflow in __reserve_region_with_split Using recurvise call to try adding a non-conflicting region in the function __reserve_region_with_split() could result in a stack overflow in the case that the recursive calls are too deep. Convert the recursive calls to an iterative loop to avoid the problem. Signed-off-by: T Makphaibulchoke <tmac@...com> --- kernel/resource.c | 32 ++++++++++++++++++-------------- 1 files changed, 18 insertions(+), 14 deletions(-) diff --git a/kernel/resource.c b/kernel/resource.c index 34d4588..d6e9f9c 100644 --- a/kernel/resource.c +++ b/kernel/resource.c @@ -768,25 +768,29 @@ static void __init __reserve_region_with_split(struct resource *root, return; res->name = name; - res->start = start; - res->end = end; res->flags = IORESOURCE_BUSY; - conflict = __request_resource(parent, res); - if (!conflict) - return; + while (1) { + res->start = start; + res->end = end; - /* failed, split and try again */ - kfree(res); + conflict = __request_resource(parent, res); + if (!conflict) + break; - /* conflict covered whole area */ - if (conflict->start <= start && conflict->end >= end) - return; + /* conflict covered whole area */ + if (conflict->start <= start && conflict->end >= end) { + kfree(res); + break; + } + + /* failed, split and try again */ + if (conflict->start > start) + end = conflict->start - 1; + if (conflict->end < end) + start = conflict->end + 1; + } - if (conflict->start > start) - __reserve_region_with_split(root, start, conflict->start-1, name); - if (conflict->end < end) - __reserve_region_with_split(root, conflict->end+1, end, name); } void __init reserve_region_with_split(struct resource *root, -- 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists