[Devel] [PATCH] IPC: access to unmapped vmalloc area in grow_ary()

Kirill Korotaev dev at openvz.org
Mon Apr 17 04:39:23 PDT 2006

grow_ary() should not copy struct ipc_id_ary (it copies new->p, not 
new). Due to this, memcpy() src pointer could hit unmapped vmalloc page 
when near page boundary.

Found during OpenVZ stress testing.

Signed-Off-By: Alexey Kuznetsov <kuznet at ms2.inr.ac.ru>
Signed-Off-By: Kirill Korotaev <dev at openvz.org>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: diff-ipc-memcpy-bug-20060413
URL: <http://lists.openvz.org/pipermail/devel/attachments/20060417/14477fcb/attachment-0001.ksh>
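A user-space model of the over-read described in the message, added here as an illustration; it is not the attached patch or kernel code. The struct layout, the 4096-byte page size, the constructed address and all helper names are assumptions, and the model reads the message as saying the copy starts at `->p` but its length still counts the `struct ipc_id_ary` header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SZ 4096u   /* assumed page size */

/* Simplified model of the layout (assumption): header, then the entries. */
struct ipc_id_ary {
    int size;
    void *p[];
};

static size_t ary_bytes(int n) { return sizeof(struct ipc_id_ary) + (size_t)n * sizeof(void *); }
/* Copy length that starts at ->p but still counts the header (the bug). */
static size_t buggy_len(int n) { return ary_bytes(n); }
/* Copy length that matches what actually lives at ->p. */
static size_t fixed_len(int n) { return (size_t)n * sizeof(void *); }

/* Bytes by which a read of len from ary->p runs past the end of the object. */
static size_t overread(int n, size_t len)
{
    size_t avail = ary_bytes(n) - offsetof(struct ipc_id_ary, p);
    return len > avail ? len - avail : 0;
}

/* Constructed address: the object ends exactly on a page boundary.
 * Returns 1 if a read of len (> 0) from ->p touches the following page. */
static int touches_next_page(int n, size_t len)
{
    uintptr_t end = 16 * (uintptr_t)PAGE_SZ;
    uintptr_t src = end - ary_bytes(n) + offsetof(struct ipc_id_ary, p);
    return (src + len - 1) / PAGE_SZ != (end - 1) / PAGE_SZ;
}

/* Grow with the entry-only length; returns the new array, or NULL on failure. */
static struct ipc_id_ary *grow(struct ipc_id_ary *old, int newsize)
{
    if (newsize <= old->size) return old;
    struct ipc_id_ary *bigger = calloc(1, ary_bytes(newsize));
    if (!bigger) return NULL;
    bigger->size = newsize;
    memcpy(bigger->p, old->p, fixed_len(old->size));
    free(old);
    return bigger;
}

int main(void) { return overread(8, fixed_len(8)) != 0; }
```

In this model the over-read equals the header size, so it only reaches the next page when the old array ends at or near a page boundary, which is why the fault shows up under stress rather than on every grow.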
