Merge tag 'perf-tools-for-v5.10-2020-10-15' of git://git.kernel.org/pub/scm/linux...

[linux-2.6-microblaze.git] / mm / kasan / tags_report.c

diff --git a/mm/kasan/tags_report.c b/mm/kasan/tags_report.c
index 969ae08..bee4371 100644 (file)
--- a/mm/kasan/tags_report.c
+++ b/mm/kasan/tags_report.c
@@ -60,6 +60,17 @@ const char *get_bug_type(struct kasan_access_info *info)
        }
 
 #endif
+       /*
+        * If access_size is a negative number, then it has reason to be
+        * defined as out-of-bounds bug type.
+        *
+        * Casting negative numbers to size_t would indeed turn up as
+        * a large size_t and its value will be larger than ULONG_MAX/2,
+        * so that this can qualify as out-of-bounds.
+        */
+       if (info->access_addr + info->access_size < info->access_addr)
+               return "out-of-bounds";
+
        return "invalid-access";
 }