futex: Prevent overflow by strengthen input validation
authorLi Jinyue <lijinyue@huawei.com>
Thu, 14 Dec 2017 09:04:54 +0000 (17:04 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 23 Jan 2018 18:58:11 +0000 (19:58 +0100)
commit17ae6ccfe5dd85605dc44534348b506f95d16a61
treea92b64f7c6e0996de6053b3db7c42a0a1a1d8752
parent1352130fe6aa4108fd6758687c419bb0d0c22f0d
futex: Prevent overflow by strengthen input validation

commit fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a upstream.

UBSAN reports signed integer overflow in kernel/futex.c:

 UBSAN: Undefined behaviour in kernel/futex.c:2041:18
 signed integer overflow:
 0 - -2147483648 cannot be represented in type 'int'

Add a sanity check to catch negative values of nr_wake and nr_requeue.

Signed-off-by: Li Jinyue <lijinyue@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: peterz@infradead.org
Cc: dvhart@infradead.org
Link: https://lkml.kernel.org/r/1513242294-31786-1-git-send-email-lijinyue@huawei.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
kernel/futex.c