Commit 7678dcfb authored May 06, 2013 by Heiko Carstens Committed by Martin Schwidefsky May 07, 2013

s390/disassembler: prevent endless loop in print_fn_code()



If the size of the opcode to be printed is larger than "len" we'll
see an overflow of an unsigned long value, which means that the
while loop within print_fn_code() will loop quite a long time until
there is the next chance for an exit.
So add an early exit check.

Reported-by: Christian Ehrhardt <ehrhardt@linux.vnet.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>

parent 9673217c

arch/s390/kernel/dis.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -1862,6 +1862,8 @@ void print_fn_code(unsigned char *code, unsigned long len)
		while (len) {
		ptr = buffer;
		opsize = insn_length(*code);
		if (opsize > len)
		break;
		ptr += sprintf(ptr, "%p: ", code);
		for (i = 0; i < opsize; i++)
		ptr += sprintf(ptr, "%02x", code[i]);