On 06/03/2013 05:42 PM, Jiang Liu wrote: > Function valid_io_request() should verify the entire request doesn't > exceed the zram device, otherwise it will cause invalid memory access. > > Signed-off-by: Jiang Liu <jiang.liu@xxxxxxxxxx> > --- > drivers/staging/zram/zram_drv.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/drivers/staging/zram/zram_drv.c b/drivers/staging/zram/zram_drv.c > index 66cf28a..64b51b9 100644 > --- a/drivers/staging/zram/zram_drv.c > +++ b/drivers/staging/zram/zram_drv.c > @@ -428,6 +428,10 @@ static inline int valid_io_request(struct zram *zram, struct bio *bio) > return 0; > } > > + if (unlikely((bio->bi_sector << SECTOR_SHIFT) + bio->bi_size >= > + zram->disksize)) > + return 0; > + This test make the first line of previous test redundant. Why not just update it like the following: - (bio->bi_sector >= (zram->disksize >> SECTOR_SHIFT)) || + ((bio->bi_sector << SECTOR_SHIFT) + bio->bi_size >= + zram->disksize)) || Jerome > /* I/O request is valid */ > return 1; > } > _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
