From d6cbda49aaa5a5288b37741fd6bf5ced87742647 Mon Sep 17 00:00:00 2001 From: weishu Date: Wed, 27 Dec 2023 20:19:21 +0800 Subject: [PATCH] kernel: fix out of bound reading. close #1227 --- kernel/allowlist.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/kernel/allowlist.c b/kernel/allowlist.c index f1115eb5..2c32bbb5 100644 --- a/kernel/allowlist.c +++ b/kernel/allowlist.c @@ -458,7 +458,9 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *), void *data modified = true; pr_info("prune uid: %d, package: %s\n", uid, package); list_del(&np->list); - allow_list_bitmap[uid / BITS_PER_BYTE] &= ~(1 << (uid % BITS_PER_BYTE)); + if (likely(uid <= BITMAP_UID_MAX)) { + allow_list_bitmap[uid / BITS_PER_BYTE] &= ~(1 << (uid % BITS_PER_BYTE)); + } remove_uid_from_arr(uid); smp_mb(); kfree(np);