| From stable-bounces@linux.kernel.org Wed Aug 3 18:45:03 2005 |
| Date: Wed, 3 Aug 2005 18:43:22 -0700 |
| From: Andrew Morton <akpm@osdl.org> |
| To: stable@kernel.org |
| Subject: [PATCH] sys_set_mempolicy() doesnt check if mode < 0 |
| |
| From: Eric Dumazet <dada1@cosmosbay.com> |
| |
| A kernel BUG() is triggered by a call to set_mempolicy() with a negative |
| first argument. This is because the mode is declared as an int, and the |
| validity check doesnt check < 0 values. Alternatively, mode could be |
| declared as unsigned int or unsigned long. |
| |
| Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> |
| Cc: Andi Kleen <ak@suse.de> |
| Signed-off-by: Andrew Morton <akpm@osdl.org> |
| Signed-off-by: Linus Torvalds <torvalds@osdl.org> |
| Signed-off-by: Chris Wright <chrisw@osdl.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| --- |
| mm/mempolicy.c | 2 +- |
| 1 files changed, 1 insertion(+), 1 deletion(-) |
| |
| Index: linux-2.6.12.y/mm/mempolicy.c |
| =================================================================== |
| --- linux-2.6.12.y.orig/mm/mempolicy.c |
| +++ linux-2.6.12.y/mm/mempolicy.c |
| @@ -409,7 +409,7 @@ asmlinkage long sys_set_mempolicy(int mo |
| struct mempolicy *new; |
| DECLARE_BITMAP(nodes, MAX_NUMNODES); |
| |
| - if (mode > MPOL_MAX) |
| + if (mode < 0 || mode > MPOL_MAX) |
| return -EINVAL; |
| err = get_nodes(nodes, nmask, maxnode, mode); |
| if (err) |
