Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6d4fa70c authored by Connor O'Brien's avatar Connor O'Brien
Browse files

ANDROID: proc: fix undefined behavior in proc_uid_base_readdir 



When uid_base_stuff has no entries, proc_uid_base_readdir tries to
compute an address before the start of the array. Revise this check to
use uid_base_stuff + nents instead, which makes the code valid
regardless of array size.

Bug: 80158484
Test: No more compiler warning with CONFIG_CPU_FREQ_TIMES=n
Change-Id: I6e55b27c3ba8210cee194f6d27bbd62c0b263796
Signed-off-by: default avatarConnor O'Brien <connoro@google.com>
parent 35b77980

fs/proc/uid.c

+1 −1
Original line number Diff line number Diff line
@@ -174,7 +174,7 @@ static int proc_uid_base_readdir(struct file *file, struct dir_context *ctx) 
		return 0;



	for (u = uid_base_stuff + (ctx->pos - 2);

	     u <= uid_base_stuff + nents - 1; u++) {

	     u < uid_base_stuff + nents; u++) {

		if (!proc_fill_cache(file, ctx, u->name, u->len,

				     proc_uident_instantiate, NULL, u))

			break;