Google Git
Sign in
android / kernel / msm.git / android-msm-narwhal-3.18-oreo-wear-dr
commitef2880c313e30d5b99e138599fd3d81d90daae3e[log] [tgz]
authorLi Jinyue <lijinyue@huawei.com>Thu Dec 14 17:04:54 2017 +0800
committerDavid C. Park <davidc.park@lge.com>Mon Aug 13 10:24:12 2018 -0700
tree0df82eec129b270dd7c92e0454398927f9a03e5e
parente187767677be6165716aae560130921bc2520db7 [diff]
UPSTREAM: futex: Prevent overflow by strengthen input validation

UBSAN reports signed integer overflow in kernel/futex.c:

 UBSAN: Undefined behaviour in kernel/futex.c:2041:18
 signed integer overflow:
 0 - -2147483648 cannot be represented in type 'int'

Add a sanity check to catch negative values of nr_wake and nr_requeue.

CVE-2018-6927

Change-Id: I1781665147d862a58ce75199b929e5dc679f0e7e
Signed-off-by: Li Jinyue <lijinyue@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: peterz@infradead.org
Cc: dvhart@infradead.org
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/1513242294-31786-1-git-send-email-lijinyue@huawei.com
1 file changed
tree: 0df82eec129b270dd7c92e0454398927f9a03e5e
  1. android/
  2. arch/
  3. block/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. linaro/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .gitignore
  25. .mailmap
  26. AndroidKernel.mk
  27. build.config
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS