Hi, Sorry, please ignore the patch file below. I made a mistake in understanding the code logic. I now understand that the first "bad_nofile" validation check is good enough for checking the validity of the value in the "type" variable. On Mon, Dec 26, 2011 at 6:56 AM, Kautuk Consul <consul.kautuk@xxxxxxxxx> wrote: > From: Kautuk Consul <consul.kautuk@xxxxxxxxx> > > If the swapfile type encoded within entry.val is corrupted in > such a way that the swap_info[type] == NULL, then the code in > swap_info_get will cause a NULL pointer exception. > > Assuming that the code in swap_info_get attempts to validate the > swapfile type by checking its range, another bad_nofile check would > be to check for check whether the swap_info[type] pointer is NULL. > > Adding a NULL check for swap_info[type] to be reagrded as a "bad_nofile" > error scenario. > > Signed-off-by: Kautuk Consul <consul.kautuk@xxxxxxxxx> > --- > mm/swapfile.c | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/mm/swapfile.c b/mm/swapfile.c > index b1cd120..7bdbe91 100644 > --- a/mm/swapfile.c > +++ b/mm/swapfile.c > @@ -483,6 +483,8 @@ static struct swap_info_struct *swap_info_get(swp_entry_t entry) > if (type >= nr_swapfiles) > goto bad_nofile; > p = swap_info[type]; > + if (!p) > + goto bad_nofile; > if (!(p->flags & SWP_USED)) > goto bad_device; > offset = swp_offset(entry); > -- > 1.7.6 > -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href