mm/memcontrol.c: fix kasan slab-out-of-bounds in mem_cgroup_css_alloc (7395879d) · Commits · Summer2022 / 22b970497

Commit 7395879d authored 3 years ago by

卢佳琳 Committed by Yang Yingliang 3 years ago

mm/memcontrol.c: fix kasan slab-out-of-bounds in mem_cgroup_css_alloc

hulk inclusion
category: bugfix
bugzilla: 51815, https://gitee.com/openeuler/kernel/issues/I3IJ9I


CVE: NA

--------

static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node)
{
...
pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, tmp);
if (!pn)
	return 1;

	pnext = to_mgpn_ext(pn);
	pnext->lruvec_stat_local = alloc_percpu(struct lruvec_stat);
}
the size of pnext is larger than pn, so pnext->lruvec_stat_local is out
of bounds

Signed-off-by: Lu Jialin <lujialin4@huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

parent e1f55683

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 30 additions and 30 deletions

Please register or to comment