From: Eric Dumazet
Date: Tue, 2 Aug 2005 04:11:43 +0000 (-0700)
Subject: [PATCH] sys_set_mempolicy() doesnt check if mode < 0
X-Git-Tag: firefly_0821_release~42483
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=ba17101b41977f124948e0a7797fdcbb59e19f3e;p=firefly-linux-kernel-4.4.55.git

[PATCH] sys_set_mempolicy() doesnt check if mode < 0

A kernel BUG() is triggered by a call to set_mempolicy() with a negative first argument. This is because the mode is declared as an int, and the validity check doesn't check < 0 values. Alternatively, mode could be declared as unsigned int or unsigned long.

Signed-off-by: Eric Dumazet
Cc: Andi Kleen
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
---
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 1694845526be..b4eababc8198 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -443,7 +443,7 @@ asmlinkage long sys_set_mempolicy(int mode, unsigned long __user *nmask, struct mempolicy *new; DECLARE_BITMAP(nodes, MAX_NUMNODES); - if (mode > MPOL_MAX) + if (mode < 0 || mode > MPOL_MAX) return -EINVAL; err = get_nodes(nodes, nmask, maxnode, mode); if (err)
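
Review bot: `mode` is still a signed `int` in the sys_set_mempolicy() signature, so the two-sided test `if (mode < 0 || mode > MPOL_MAX)` is the only thing that keeps a negative, user-supplied value from reaching `get_nodes(nodes, nmask, maxnode, mode)` and whatever consumes the mode after it. The commit message already names the sturdier option: with `mode` declared as `unsigned int`, the original `mode > MPOL_MAX` comparison would reject negative inputs by itself, which removes the class of bug rather than this one instance. If the signed type is kept, a short comment above the check saying that the lower bound guards against a BUG() on negative input would stop a later cleanup from dropping it as redundant, and it is worth confirming that any other entry point in mm/mempolicy.c that takes a mode from user space applies the same range check; that cannot be seen from this hunk.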