futex: Prevent overflow by strengthen input validation

author Li Jinyue <lijinyue@huawei.com>

Thu, 14 Dec 2017 09:04:54 +0000 (17:04 +0800)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Tue, 23 Jan 2018 18:57:04 +0000 (19:57 +0100)
author Li Jinyue <lijinyue@huawei.com>
Thu, 14 Dec 2017 09:04:54 +0000 (17:04 +0800)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 23 Jan 2018 18:57:04 +0000 (19:57 +0100)
diff --git a/kernel/futex.c b/kernel/futex.c

index 88bad86..bb2265a 100644 (file)
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -1711,6 +1711,9 @@ static int futex_requeue(u32 __user *uaddr1, unsigned int flags,
         struct futex_q *this, *next;
         WAKE_Q(wake_q);
  
+       if (nr_wake < 0 || nr_requeue < 0)
+               return -EINVAL;
+
         if (requeue_pi) {
                 /*
                  * Requeue PI only works on two distinct uaddrs. This
author	Li Jinyue <lijinyue@huawei.com>
	Thu, 14 Dec 2017 09:04:54 +0000 (17:04 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 23 Jan 2018 18:57:04 +0000 (19:57 +0100)