From: Matthew Wilcox Date: Mon, 30 Jan 2017 21:22:30 +0000 (-0500) Subject: radix_tree_iter_resume: Fix out of bounds error X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f7137f79c57f228321dde2ab4586015504feaaac;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git radix_tree_iter_resume: Fix out of bounds error The address sanitizer occasionally finds an out of bounds error while running the test-suite. It turned out to be a read of the pointer immediately next to the tree root, but this out of bounds error could have occurred elsewhere. This happens because radix_tree_iter_resume() dereferences 'slot' before checking whether we've come to the end of the chunk. We can just delete this line; the value was never used. Signed-off-by: Matthew Wilcox --- diff --git a/lib/radix-tree.c b/lib/radix-tree.c index dcb9a2329e65..c1c079ffadcd 100644 --- a/lib/radix-tree.c +++ b/lib/radix-tree.c @@ -1685,7 +1685,6 @@ void **radix_tree_iter_resume(void **slot, struct radix_tree_iter *iter) slot++; iter->index = __radix_tree_iter_add(iter, 1); - node = rcu_dereference_raw(*slot); skip_siblings(&node, slot, iter); iter->next_index = iter->index; iter->tags = 0;