Skip to content

Commit

Permalink
SLOB: fix bogus ksize calculation
Browse files Browse the repository at this point in the history 
SLOB's ksize calculation was braindamaged and generally harmlessly
underreported the allocation size. But for very small buffers, it could
in fact overreport them, leading code depending on krealloc to overrun
the allocation and trample other data.

Signed-off-by: Matt Mackall <mpm@selenic.com>
Tested-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  • Loading branch information
Matt Mackall authored and Linus Torvalds committed Oct 7, 2008
1 parent e09e6e2 commit 85ba94b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion mm/slob.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -515,7 +515,7 @@ size_t ksize(const void *block)

sp = (struct slob_page *)virt_to_page(block);
if (slob_page(sp))
return ((slob_t *)block - 1)->units + SLOB_UNIT;
return (((slob_t *)block - 1)->units - 1) * SLOB_UNIT;
else
return sp->page.private;
}
Expand Down

0 comments on commit 85ba94b

Please sign in to comment.