authorConnor O'Brien <connoro@google.com>2018-05-23 13:00:23 -0700
committerConnor O'Brien <connoro@google.com>2018-05-24 12:34:35 -0700
commit9ff3cfc1ec343023b1027b341e03b892e066340b (patch)
treefd6ce9002fc7959b039f64ab5fed45d2f141a3b1 /fs/proc/uid.c
parentc3c51ea38a927e64e9e107d6d794a6e62c3f5731 (diff)
ANDROID: proc: fix undefined behavior in proc_uid_base_readdir
When uid_base_stuff has no entries, proc_uid_base_readdir tries to compute an address before the start of the array. Revise this check to use uid_base_stuff + nents instead, which makes the code valid regardless of array size. Bug: 80158484 Test: No more compiler warning with CONFIG_CPU_FREQ_TIMES=n Change-Id: I6e55b27c3ba8210cee194f6d27bbd62c0b263796 Signed-off-by: Connor O'Brien <connoro@google.com>
Diffstat (limited to 'fs/proc/uid.c')
-rw-r--r--fs/proc/uid.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/proc/uid.c b/fs/proc/uid.c
index 040591d341f8..11f1efc33c59 100644
--- a/fs/proc/uid.c
+++ b/fs/proc/uid.c
@@ -174,7 +174,7 @@ static int proc_uid_base_readdir(struct file *file, struct dir_context *ctx)
return 0;
for (u = uid_base_stuff + (ctx->pos - 2);
- u <= uid_base_stuff + nents - 1; u++) {
+ u < uid_base_stuff + nents; u++) {
if (!proc_fill_cache(file, ctx, u->name, u->len,
proc_uident_instantiate, NULL, u))
break;
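Review bot: The loop initializer `u = uid_base_stuff + (ctx->pos - 2)` still forms a pointer from the directory position with no upper bound visible in this hunk, so a position larger than `nents + 2` would compute an address beyond the one-past-the-end element. That is the same class of undefined behavior this commit removes at the lower edge of the array. The new `u < uid_base_stuff + nents` test keeps the body from dereferencing such a pointer, but the relational comparison is only defined when both operands point into the array or one past it. The start of proc_uid_base_readdir is outside the hunk, so if the position is not already bounded there, add `if (ctx->pos >= nents + 2) return 0;` ahead of the `for`.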