From: Ma Wupeng <mawupeng1@xxxxxxxxxx> Add access_ok to check user memory range and return EINVAL if overflows for mbind. Signed-off-by: Ma Wupeng <mawupeng1@xxxxxxxxxx> --- mm/mempolicy.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index e3a2c465fe8a..a6bddf454953 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1272,6 +1272,9 @@ static long do_mbind(unsigned long start, unsigned long len, if (start & ~PAGE_MASK) return -EINVAL; + if (unlikely(!access_ok((void __user *)start, len))) + return -EINVAL; + if (mode == MPOL_DEFAULT) flags &= ~MPOL_MF_STRICT; -- 2.25.1
