commit 636f13c174dd7c84a437d3c3e8fa66f03f7fda63
author Chris Wright <chrisw@sous-sol.org> Fri Feb 17 13:59:36 2006 -0800
committer Linus Torvalds <torvalds@g5.osdl.org> Fri Feb 17 14:09:22 2006 -0800
tree 2dd28d7729a52655eb4e155af620c5afdda85a8a
parent 74910e6c7dc7471b286a883c1a7af70483ffd2ba

[PATCH] sys_mbind sanity checking

Make sure maxnodes is safe size before calculating nlongs in
get_nodes().

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

mm/mempolicy.c

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 323fdcf..bedfa4f 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -808,6 +808,8 @@
 	nodes_clear(*nodes);
 	if (maxnode == 0 || !nmask)
 		return 0;
+	if (maxnode > PAGE_SIZE)
+		return -EINVAL;
 
 	nlongs = BITS_TO_LONGS(maxnode);
 	if ((maxnode % BITS_PER_LONG) == 0)