On Sat, Apr 04, 2020 at 11:25:45PM -0600, William Kucharski wrote:
>
>
> > On Apr 4, 2020, at 12:52 PM, Uladzislau Rezki <urezki@xxxxxxxxx> wrote:
> >
> >>
> >> Is there any need to similarly sanitize “size” to assure start + size doesn’t go past “end?”
> >>
> > Why is that double check needed if all such tests are done deeper on stack?
>
> If such tests ARE performed, then it doesn't matter to me whether it is checked before or after,
> it just seems that nothing checks whether start + size makes some sort of sense with respect
> to end.
>
> I admit I didn't walk through all the routines to see if such a check would be superfluous.
>
Yes, we check it:
<snip>
static __always_inline bool
is_within_this_va(struct vmap_area *va, unsigned long size,
unsigned long align, unsigned long vstart)
{
...
return (nva_start_addr + size <= va->va_end);
}
<snip>
--
Vlad Rezki
