[PATCH v2 3/4] mm/mempolicy: return EINVAL if len overflows for mbind

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: Ma Wupeng <mawupeng1@xxxxxxxxxx>

Return -EINVAL if len overflows for mbind.

Signed-off-by: Ma Wupeng <mawupeng1@xxxxxxxxxx>
---
 mm/mempolicy.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 153fda1ebb9c..4cb19a6e368b 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1258,6 +1258,7 @@ static long do_mbind(unsigned long start, unsigned long len,
 		     nodemask_t *nmask, unsigned long flags)
 {
 	struct mm_struct *mm = current->mm;
+	unsigned long old_len = len;
 	struct mempolicy *new;
 	unsigned long end;
 	int err;
@@ -1278,7 +1279,7 @@ static long do_mbind(unsigned long start, unsigned long len,
 	len = PAGE_ALIGN(len);
 	end = start + len;
 
-	if (end < start)
+	if (end < start || (old_len != 0 && len == 0))
 		return -EINVAL;
 	if (end == start)
 		return 0;
-- 
2.25.1
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux