Re: [linux-next-20130422] Bug in SLAB?
From: Pekka Enberg
Date: Wed May 01 2013 - 04:04:06 EST
On 4/30/13 5:34 PM, Christoph Lameter wrote:
On Tue, 30 Apr 2013, Tetsuo Handa wrote:
Current diff is:
[off by one stuff okay]
diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h
index 113ec08..be1446a 100644
--- a/include/linux/slab_def.h
+++ b/include/linux/slab_def.h
@@ -126,6 +126,9 @@ static __always_inline void *kmalloc(size_t size, gfp_t flags)
if (!size)
return ZERO_SIZE_PTR;
+ if (size > KMALLOC_MAX_SIZE)
+ goto not_found;
+
i = kmalloc_index(size);
Why is this needed? kmalloc_index should BUG() for too large allocs.
Why is that? Historically it has returned NULL, hasn't it? We have had
cases where kernel code (naively) uses size directly from userspace and
we definitely don't want to BUG_ON on it.
Pekka
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/