[PATCH 02/11] checkpoint: check actual array size before dereferencing
Nathan Lynch
ntl at pobox.com
Wed Oct 20 11:56:37 PDT 2010
The restore_vma_ops table is indexed by vma type (enum vma_type in
checkpoint_hdr.h). We check the incoming VMA's type against
CKPT_VMA_MAX (which happens to be the size of the table), but it seems
more to-the-point to compare the type against the actual size of the
array.
Signed-off-by: Nathan Lynch <ntl at pobox.com>
---
mm/checkpoint.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/mm/checkpoint.c b/mm/checkpoint.c
index 00cbadd..c30a195 100644
--- a/mm/checkpoint.c
+++ b/mm/checkpoint.c
@@ -1207,7 +1207,7 @@ static int restore_vma(struct ckpt_ctx *ctx, struct mm_struct *mm)
goto out;
if (h->vma_objref < 0 || h->ino_objref < 0)
goto out;
- if (h->vma_type >= CKPT_VMA_MAX)
+ if (h->vma_type >= ARRAY_SIZE(restore_vma_ops))
goto out;
ret = -ENOSYS;
if (h->vm_flags & CKPT_VMA_NOT_SUPPORTED)
--
1.7.2.2
More information about the Containers
mailing list