lib/test_kasan.c: make kmalloc_oob_krealloc_less more correctly
authorWang Long <long.wanglong@huawei.com>
Wed, 9 Sep 2015 22:37:22 +0000 (15:37 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 10 Sep 2015 20:29:01 +0000 (13:29 -0700)
In kmalloc_oob_krealloc_less, I think it is better to test
the size2 boundary.

If we do not call krealloc, the access of position size1 will still cause
out-of-bounds and access of position size2 does not.  After call krealloc,
the access of position size2 cause out-of-bounds.  So using size2 is more
correct.

Signed-off-by: Wang Long <long.wanglong@huawei.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
lib/test_kasan.c

index 044c54dd43fdb5bd6ad898c68ba61ac3fc48d9fe..c1efb1b610179013baf5d662f40f739a5f9abc60 100644 (file)
@@ -114,7 +114,7 @@ static noinline void __init kmalloc_oob_krealloc_less(void)
                kfree(ptr1);
                return;
        }
-       ptr2[size1] = 'x';
+       ptr2[size2] = 'x';
        kfree(ptr2);
 }