s390/unwind: avoid int overflow in outside_of_stack
When current task is interrupted in-between stack frame allocation and backchain write instructions new stack frame backchain pointer is left uninitialized. That invalid backchain value is passed into outside_of_stack for sanity check. Make sure int overflow does not happen by subtracting stack_frame size from the stack "end" rather than adding it to "random" backchain value. Fixes: 41b0474c1b1c ("s390/unwind: introduce stack unwind API") Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
This commit is contained in:
parent
73df167c81
commit
9a15919041
|
@ -20,7 +20,7 @@ EXPORT_SYMBOL_GPL(unwind_get_return_address);
|
|||
static bool outside_of_stack(struct unwind_state *state, unsigned long sp)
|
||||
{
|
||||
return (sp <= state->sp) ||
|
||||
(sp + sizeof(struct stack_frame) > state->stack_info.end);
|
||||
(sp > state->stack_info.end - sizeof(struct stack_frame));
|
||||
}
|
||||
|
||||
static bool update_stack_info(struct unwind_state *state, unsigned long sp)
|
||||
|
|
Loading…
Reference in New Issue