Message ID | 20200609071611.9467-1-vikas.kumar2@arm.com |
---|---|
State | Accepted |
Headers | show |
Series | syscalls/fork14: Fix Buffer overflow | expand |
----- Original Message ----- > This change basically avoids the buffer overflow by keeping the check count > to allocation limit > The problem occurs when there is no failure and i == EXTENT, so > pointer_vec[EXTENT] goes beyond the allocated buffer. I changed the patch to use a new variable, that reflects number of used fields, and pushed. Thanks, Jan
diff --git a/testcases/kernel/syscalls/fork/fork14.c b/testcases/kernel/syscalls/fork/fork14.c index a92aa46ad..2a20d9df8 100644 --- a/testcases/kernel/syscalls/fork/fork14.c +++ b/testcases/kernel/syscalls/fork/fork14.c @@ -132,6 +132,9 @@ static int fork_test(void) } } + if (i == EXTENT) + i--; + clear_memory_map: for (j = 0; j <= i; j++) { if (pointer_vec[j])
This change basically avoids the buffer overflow by keeping the check count to allocation limit The problem occurs when there is no failure and i == EXTENT, so pointer_vec[EXTENT] goes beyond the allocated buffer. Signed-off-by: Vikas Kumar <vikas.kumar2@arm.com> Reported-by: Amit Kachhap <amit.kachhap@arm.com> --- testcases/kernel/syscalls/fork/fork14.c | 3 +++ 1 file changed, 3 insertions(+)