s390/disassembler: prevent endless loop in print_fn_code()

If the size of the opcode to be printed is larger than "len" we'll see an overflow of an unsigned long value, which means that the while loop within print_fn_code() will loop quite a long time until there is the next chance for an exit. So add an early exit check. Reported-by: N Christian Ehrhardt <ehrhardt@linux.vnet.ibm.com> Signed-off-by: N Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>

s390/disassembler: prevent endless loop in print_fn_code()
If the size of the opcode to be printed is larger than "len" we'll see an overflow of an unsigned long value, which means that the while loop within print_fn_code() will loop quite a long time until there is the next chance for an exit. So add an early exit check. Reported-by: N Christian Ehrhardt <ehrhardt@linux.vnet.ibm.com> Signed-off-by: N Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>
7678dcfb · Heiko Carstens · Martin Schwidefsky · 9673217c · 7678dcfb
隐藏空白更改
内联并排

Showing with 2 addition and 0 deletion

arch/s390/kernel/dis.c arch/s390/kernel/dis.c +2 -0

未找到文件。
--- a/arch/s390/kernel/dis.c
+++ b/arch/s390/kernel/dis.c
@@ -1862,6 +1862,8 @@ void print_fn_code(unsigned char *code, unsigned long len)
 	while (len) {
 		ptr = buffer;
 		opsize = insn_length(*code);
+		if (opsize > len)
+			break;
 		ptr += sprintf(ptr, "%p: ", code);
 		for (i = 0; i < opsize; i++)
 			ptr += sprintf(ptr, "%02x", code[i]);