Commit 7d88e4f7 authored by Andrey Konovalov's avatar Andrey Konovalov Committed by Andrew Morton

kasan: check object_size in kasan_complete_mode_report_info

Check the object size when looking up entries in the stack ring.

If the size of the object for which a report is being printed does not
match the size of the object for which a stack trace has been saved in the
stack ring, the saved stack trace is irrelevant.

Link: https://lkml.kernel.org/r/68c6948175aadd7e7e7deea61725103d64a4528f.1700502145.git.andreyknvl@google.comSigned-off-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Reviewed-by: default avatarAlexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Evgenii Stepanov <eugenis@google.com>
Cc: Marco Elver <elver@google.com>
Cc: Oscar Salvador <osalvador@suse.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent f3b59798
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
#include <linux/atomic.h> #include <linux/atomic.h>
#include "kasan.h" #include "kasan.h"
#include "../slab.h"
extern struct kasan_stack_ring stack_ring; extern struct kasan_stack_ring stack_ring;
...@@ -58,7 +59,8 @@ void kasan_complete_mode_report_info(struct kasan_report_info *info) ...@@ -58,7 +59,8 @@ void kasan_complete_mode_report_info(struct kasan_report_info *info)
entry = &stack_ring.entries[i % stack_ring.size]; entry = &stack_ring.entries[i % stack_ring.size];
if (kasan_reset_tag(entry->ptr) != info->object || if (kasan_reset_tag(entry->ptr) != info->object ||
get_tag(entry->ptr) != get_tag(info->access_addr)) get_tag(entry->ptr) != get_tag(info->access_addr) ||
info->cache->object_size != entry->size)
continue; continue;
if (entry->is_free) { if (entry->is_free) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment