commit 93501e7330aacb38e15d26aaddc1df3485acff91
author Dan Carpenter <dan.carpenter@oracle.com> Thu Mar 07 08:41:22 2019 +0300
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org> Wed Jan 29 10:24:18 2020 +0100
tree c850467a40a6ba356e8b6193e3ae89f06c88cbd2
parent 743f4da870bf40b11101be0177ed8ea9e86fceeb

xen, cpu_hotplug: Prevent an out of bounds access

[ Upstream commit 201676095dda7e5b31a5e1d116d10fc22985075e ]

The "cpu" variable comes from the sscanf() so Smatch marks it as
untrusted data.  We can't pass a higher value than "nr_cpu_ids" to
cpu_possible() or it results in an out of bounds access.

Fixes: d68d82afd4c8 ("xen: implement CPU hotplugging")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>