| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190528193004.GA7744@gmail.com>
Date: Tue, 28 May 2019 22:05:40 +0200
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Souptick Joarder <jrdr.linux@...il.com>
Cc: Matthew Wilcox <willy@...radead.org>,
Peter Zijlstra <peterz@...radead.org>,
Jérôme Glisse <jglisse@...hat.com>,
"Aneesh Kumar K.V" <aneesh.kumar@...ux.ibm.com>,
Huang Ying <ying.huang@...el.com>,
open list <linux-kernel@...r.kernel.org>
Subject: [PATCH] mm: Fail when offset == num in first check of
vm_map_pages_zero()
If the user asks us for offset == num, we should already fail in the
first check, i.e. the one testing for offsets beyond the object.
At the moment, we are failing on the second test anyway,
since count cannot be 0. Still, to agree with the comment of the first
test, we should first there.
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
---
mm/memory.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/memory.c b/mm/memory.c
index ddf20bd0c317..74cf8b0ce353 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1547,7 +1547,7 @@ static int __vm_map_pages(struct vm_area_struct *vma, struct page **pages,
int ret, i;
/* Fail if the user requested offset is beyond the end of the object */
- if (offset > num)
+ if (offset >= num)
return -ENXIO;
/* Fail if the user requested size exceeds available object size */
--
2.17.1
Powered by blists - more mailing lists