| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220601093211.2970565-1-tianyu.li@arm.com>
Date: Wed, 1 Jun 2022 17:32:11 +0800
From: Tianyu Li <tianyu.li@....com>
To: Andrew Morton <akpm@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>,
linux-mm@...ck.org (open list:MEMORY MANAGEMENT),
linux-kernel@...r.kernel.org (open list)
Cc: nd@....com, Tianyu Li <tianyu.li@....com>
Subject: [PATCH] mm/mempolicy: fix get_nodes out of bound access
When user specified more nodes than supported,
get_nodes will access nmask array out of bound.
Fixes: e130242dc351 ("mm: simplify compat numa syscalls")
Signed-off-by: Tianyu Li <tianyu.li@....com>
---
mm/mempolicy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 0b4ba3ee810e..9f27dc4b66ba 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1388,7 +1388,7 @@ static int get_nodes(nodemask_t *nodes, const unsigned long __user *nmask,
unsigned long bits = min_t(unsigned long, maxnode, BITS_PER_LONG);
unsigned long t;
- if (get_bitmap(&t, &nmask[maxnode / BITS_PER_LONG], bits))
+ if (get_bitmap(&t, &nmask[(maxnode - 1) / BITS_PER_LONG], bits))
return -EFAULT;
if (maxnode - bits >= MAX_NUMNODES) {
--
2.25.1
Powered by blists - more mailing lists