[thirdparty/kernel/stable-queue.git] / releases / 4.19.36 / sched-core-fix-buffer-overflow-in-cgroup2-property-c.patch

From d6a0bb333aa3878ba1f85cb0b37f32465a8b39cb Mon Sep 17 00:00:00 2001
From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Date: Wed, 6 Mar 2019 20:11:42 +0300
Subject: sched/core: Fix buffer overflow in cgroup2 property cpu.max

[ Upstream commit 4c47acd824aaaa8fc6dc519fb4e08d1522105b7a ]

Add limit into sscanf format string for on-stack buffer.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Li Zefan <lizefan@huawei.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@surriel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: 0d5936344f30 ("sched: Implement interface for cgroup unified hierarchy")
Link: https://lkml.kernel.org/r/155189230232.2620.13120481613524200065.stgit@buzz
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 kernel/sched/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 9a4f57d7e931..d7f409866cdf 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6930,7 +6930,7 @@ static int __maybe_unused cpu_period_quota_parse(char *buf,
 {
 	char tok[21];	/* U64_MAX */
 
-	if (!sscanf(buf, "%s %llu", tok, periodp))
+	if (sscanf(buf, "%20s %llu", tok, periodp) < 1)
 		return -EINVAL;
 
 	*periodp *= NSEC_PER_USEC;
-- 
2.19.1
Commit	Line	Data
e4a1bd70 SLM	1	From d6a0bb333aa3878ba1f85cb0b37f32465a8b39cb Mon Sep 17 00:00:00 2001
	2	From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
	3	Date: Wed, 6 Mar 2019 20:11:42 +0300
	4	Subject: sched/core: Fix buffer overflow in cgroup2 property cpu.max
	5
	6	[ Upstream commit 4c47acd824aaaa8fc6dc519fb4e08d1522105b7a ]
	7
	8	Add limit into sscanf format string for on-stack buffer.
	9
	10	Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
	11	Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
	12	Acked-by: Tejun Heo <tj@kernel.org>
	13	Cc: Andy Lutomirski <luto@kernel.org>
	14	Cc: Borislav Petkov <bp@alien8.de>
	15	Cc: Dave Hansen <dave.hansen@linux.intel.com>
	16	Cc: H. Peter Anvin <hpa@zytor.com>
	17	Cc: Johannes Weiner <hannes@cmpxchg.org>
	18	Cc: Li Zefan <lizefan@huawei.com>
	19	Cc: Linus Torvalds <torvalds@linux-foundation.org>
	20	Cc: Peter Zijlstra <peterz@infradead.org>
	21	Cc: Rik van Riel <riel@surriel.com>
	22	Cc: Thomas Gleixner <tglx@linutronix.de>
	23	Fixes: 0d5936344f30 ("sched: Implement interface for cgroup unified hierarchy")
	24	Link: https://lkml.kernel.org/r/155189230232.2620.13120481613524200065.stgit@buzz
	25	Signed-off-by: Ingo Molnar <mingo@kernel.org>
	26	Signed-off-by: Sasha Levin <sashal@kernel.org>
	27	---
	28	kernel/sched/core.c \| 2 +-
	29	1 file changed, 1 insertion(+), 1 deletion(-)
	30
	31	diff --git a/kernel/sched/core.c b/kernel/sched/core.c
	32	index 9a4f57d7e931..d7f409866cdf 100644
	33	--- a/kernel/sched/core.c
	34	+++ b/kernel/sched/core.c
	35	@@ -6930,7 +6930,7 @@ static int __maybe_unused cpu_period_quota_parse(char *buf,
	36	{
	37	char tok[21]; /* U64_MAX */
	38
	39	- if (!sscanf(buf, "%s %llu", tok, periodp))
	40	+ if (sscanf(buf, "%20s %llu", tok, periodp) < 1)
	41	return -EINVAL;
	42
	43	periodp = NSEC_PER_USEC;
	44	--
	45	2.19.1
	46