Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

block/partitions/efi.c: fix bound check

Use ARRAY_SIZE instead of sizeof to get proper max for label length.

Since this is just a read out of bounds it's not that bad, but the
problem becomes user-visible, e.g. if one tries to use DEBUG_PAGEALLOC and
DEBUG_RODATA, at least with some enhancements from Hiroshi. Of course
the destination array can contain garbage when we read beyond the end of
source array so that would be another user-visible problem.

Signed-off-by: Antti P Miettinen <amiettinen@nvidia.com>
Reviewed-by: Hiroshi Doyu <hdoyu@nvidia.com>
Tested-by: Hiroshi Doyu <hdoyu@nvidia.com>
Cc: Will Drewry <wad@chromium.org>
Cc: Matt Fleming <matt.fleming@intel.com>
Acked-by: Davidlohr Bueso <davidlohr@hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Authored by Antti P Miettinen and committed by Linus Torvalds
49204c11 51a0d036

+3 -2
block/partitions/efi.c
··· 96 96 * - Code works, detects all the partitions. 97 97 * 98 98 ************************************************************/ 99 + #include <linux/kernel.h> 99 100 #include <linux/crc32.h> 100 101 #include <linux/ctype.h> 101 102 #include <linux/math64.h> ··· 716 715 efi_guid_unparse(&ptes[i].unique_partition_guid, info->uuid); 717 716 718 717 /* Naively convert UTF16-LE to 7 bits. */ 719 - label_max = min(sizeof(info->volname) - 1, 720 - sizeof(ptes[i].partition_name)); 718 + label_max = min(ARRAY_SIZE(info->volname) - 1, 719 + ARRAY_SIZE(ptes[i].partition_name)); 721 720 info->volname[label_max] = 0; 722 721 while (label_count < label_max) { 723 722 u8 c = ptes[i].partition_name[label_count] & 0xff;
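
Review bot: In the second hunk (around line 718 of block/partitions/efi.c), nothing in the code records that label_max must be an element count rather than a byte count, which is the whole point of the fix. The only comment there is "Naively convert UTF16-LE to 7 bits", and the loop uses label_max both as the index in info->volname[label_max] = 0 and as the limit for ptes[i].partition_name[label_count], so a later cleanup could switch back to sizeof without noticing. Suggest extending that comment to say that label_max counts array elements and that the source elements are wider than the destination bytes, and stating the same in the commit message, which currently says only "proper max". As a possible follow-up on the context line u8 c = ptes[i].partition_name[label_count] & 0xff; the value is masked as stored, so if the elements are little-endian 16-bit units as the comment says, it is worth checking whether a byte-order conversion is needed before the mask on big-endian hosts.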