[PATCH v2] udmabuf: Fix a potential (and unlikely) access to unallocated memory
Christophe JAILLET
christophe.jaillet at wanadoo.fr
Mon Feb 19 17:59:02 UTC 2024
Le 19/02/2024 à 09:37, Dan Carpenter a écrit :
> On Sun, Feb 18, 2024 at 06:46:44PM +0100, Christophe JAILLET wrote:
>> If 'list_limit' is set to a very high value, 'lsize' computation could
>> overflow if 'head.count' is big enough.
>>
>
> The "list_limit" is set via module parameter so if you set that high
> enough to lead to an integer overflow then you kind of deserve what
> you get.
>
> This patch is nice for kernel hardening and making the code easier to
> read/audit but the real world security impact is negligible.
Agreed.
That is what I meant by "and unlikely".
Maybe the commit message could be more explicit if needed.
Let me know if ok as-is or if I should try to re-word the description.
CJ
>
> regards,
> dan carpenter
>
>
>
More information about the dri-devel
mailing list