From: Ma Wupeng <mawupeng1@xxxxxxxxxx> Add access_ok to check user memory range and return EINVAL if overflows for msync. Signed-off-by: Ma Wupeng <mawupeng1@xxxxxxxxxx> --- mm/msync.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mm/msync.c b/mm/msync.c index ac4c9bfea2e7..a87c3dca473a 100644 --- a/mm/msync.c +++ b/mm/msync.c @@ -43,6 +43,8 @@ SYSCALL_DEFINE3(msync, unsigned long, start, size_t, len, int, flags) goto out; if (offset_in_page(start)) goto out; + if (unlikely(!access_ok((void __user *)start, len))) + goto out; if ((flags & MS_ASYNC) && (flags & MS_SYNC)) goto out; error = -ENOMEM; -- 2.25.1
