| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1370274140-26420-7-git-send-email-jiang.liu@huawei.com> Date: Mon, 3 Jun 2013 23:42:18 +0800 From: Jiang Liu <liuj97@...il.com> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Nitin Gupta <ngupta@...are.org>, Minchan Kim <minchan@...nel.org>, Jerome Marchand <jmarchan@...hat.com> Cc: Yijing Wang <wangyijing@...wei.com>, Jiang Liu <jiang.liu@...wei.com>, devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org Subject: [RFC PATCH v1 6/8] zram: avoid access beyond the zram device Function valid_io_request() should verify the entire request doesn't exceed the zram device, otherwise it will cause invalid memory access. Signed-off-by: Jiang Liu <jiang.liu@...wei.com> --- drivers/staging/zram/zram_drv.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/staging/zram/zram_drv.c b/drivers/staging/zram/zram_drv.c index 66cf28a..64b51b9 100644 --- a/drivers/staging/zram/zram_drv.c +++ b/drivers/staging/zram/zram_drv.c @@ -428,6 +428,10 @@ static inline int valid_io_request(struct zram *zram, struct bio *bio) return 0; } + if (unlikely((bio->bi_sector << SECTOR_SHIFT) + bio->bi_size >= + zram->disksize)) + return 0; + /* I/O request is valid */ return 1; } -- 1.8.1.2 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists