lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 7 May 2021 11:26:34 +0100
From:   Mel Gorman <mgorman@...hsingularity.net>
To:     Rasmus Villemoes <linux@...musvillemoes.dk>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Alexander Lobakin <alobakin@...me>,
        Vlastimil Babka <vbabka@...e.cz>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/page_alloc: __alloc_pages_bulk(): do bounds check
 before accessing array

On Fri, May 07, 2021 at 08:45:03AM +0200, Rasmus Villemoes wrote:
> In the event that somebody would call this with an already fully
> populated page_array, the last loop iteration would do an access
> beyond the end of page_array.
> 
> It's of course extremely unlikely that would ever be done, but this
> triggers my internal static analyzer. Also, if it really is not
> supposed to be invoked this way (i.e., with no NULL entries in
> page_array), the nr_populated<nr_pages check could simply be removed
> instead.
> 
> Fixes: 0f87d9d30f21 (mm/page_alloc: add an array-based interface to the bulk page allocator)
> Signed-off-by: Rasmus Villemoes <linux@...musvillemoes.dk>

Acked-by: Mel Gorman <mgorman@...hsingularity.net>

-- 
Mel Gorman
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ