summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Mackall <mpm@selenic.com>2008-10-07 16:37:35 (GMT)
committerLinus Torvalds <torvalds@linux-foundation.org>2008-10-07 18:19:23 (GMT)
commit85ba94ba0592296053f7f2846812173424afe1cb (patch)
tree08b988ee8ebae30f31830801a44a62e0eec4856e
parente09e6e2b6a5daf653794926ab50a784b14b6de53 (diff)
downloadlinux-fsl-qoriq-85ba94ba0592296053f7f2846812173424afe1cb.tar.xz
SLOB: fix bogus ksize calculation
SLOB's ksize calculation was braindamaged and generally harmlessly underreported the allocation size. But for very small buffers, it could in fact overreport them, leading code depending on krealloc to overrun the allocation and trample other data. Signed-off-by: Matt Mackall <mpm@selenic.com> Tested-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--mm/slob.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/mm/slob.c b/mm/slob.c
index 4c82dd4..62b679d 100644
--- a/mm/slob.c
+++ b/mm/slob.c
@@ -515,7 +515,7 @@ size_t ksize(const void *block)
sp = (struct slob_page *)virt_to_page(block);
if (slob_page(sp))
- return ((slob_t *)block - 1)->units + SLOB_UNIT;
+ return (((slob_t *)block - 1)->units - 1) * SLOB_UNIT;
else
return sp->page.private;
}