Commit-ID: b9fb9910378947a2b7d58ca75d805b907929e001 Gitweb: http://git.kernel.org/tip/b9fb9910378947a2b7d58ca75d805b907929e001 Author: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx> AuthorDate: Mon, 1 Oct 2012 15:12:16 +0200 Committer: Ingo Molnar <mingo@xxxxxxxxxx> CommitDate: Fri, 5 Oct 2012 14:00:30 +0200 mm/mpol: Fix potential buffer overflow in mpol_parse_str() Wu reported an Smatch error: + mm/mempolicy.c:2426 mpol_parse_str() error: buffer overflow 'policy_modes' 5 <= 5 Fix it by growing the array to the right size, but avoid it being a valid string for mpol_parse_str() because its not an effective policy. Reported-by: Fengguang Wu <fengguang.wu@xxxxxxxxx> Signed-off-by: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Link: http://lkml.kernel.org/n/tip-i0egmq9r7tzocxo5pmc8jbfi@xxxxxxxxxxxxxx Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx> --- mm/mempolicy.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 7b4ff19..e59756a 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -2514,7 +2514,8 @@ static const char * const policy_modes[] = [MPOL_PREFERRED] = "prefer", [MPOL_BIND] = "bind", [MPOL_INTERLEAVE] = "interleave", - [MPOL_LOCAL] = "local" + [MPOL_LOCAL] = "local", + [MPOL_NOOP] = "noop", /* should not actually be used */ }; @@ -2565,7 +2566,7 @@ int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context) break; } } - if (mode >= MPOL_MAX) + if (mode >= MPOL_MAX || mode == MPOL_NOOP) goto out; switch (mode) { -- To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html