Re: [PATCH v2] locking/lockdep: Fix buffer overrun problem in stack_trace[]

From: Bart Van Assche
Date: Fri Dec 20 2019 - 10:23:36 EST

Next message: Tom Zanussi: "Re: [PATCH 3/3] ftrace: fix endianness bug in histogram trigger"
Previous message: Tejun Heo: "Re: [PATCH 2/9] perf/core: Add PERF_SAMPLE_CGROUP feature"
In reply to: Waiman Long: "[PATCH v2] locking/lockdep: Fix buffer overrun problem in stack_trace[]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2019-12-20 05:51, Waiman Long wrote:
> If the lockdep code is really running out of the stack_trace entries,
> it is likely that buffer overrun can happen and the data immediately
> after stack_trace[] will be corrupted.
>
> If there is less than LOCK_TRACE_SIZE_IN_LONGS entries left before
> the call to save_trace(), the max_entries computation will leave it
> with a very large positive number because of its unsigned nature. The
> subsequent call to stack_trace_save() will then corrupt the data after
> stack_trace[]. Fix that by changing max_entries to a signed integer
> and check for negative value before calling stack_trace_save().

Reviewed-by: Bart Van Assche <bvanassche@xxxxxxx>

Next message: Tom Zanussi: "Re: [PATCH 3/3] ftrace: fix endianness bug in histogram trigger"
Previous message: Tejun Heo: "Re: [PATCH 2/9] perf/core: Add PERF_SAMPLE_CGROUP feature"
In reply to: Waiman Long: "[PATCH v2] locking/lockdep: Fix buffer overrun problem in stack_trace[]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]