diff options
| author | Daniel Latypov <dlatypov@google.com> | 2022-07-22 17:15:33 +0000 |
|---|---|---|
| committer | Shuah Khan <skhan@linuxfoundation.org> | 2022-10-07 10:15:50 -0600 |
| commit | e562e309d1d4ac05457c1454b6007071f13b5684 (patch) | |
| tree | 9d67b7dca7e81d3c428f93b7cb6b4d0f7de24f49 /lib/decompress_unlzo.c | |
| parent | 047a8a0a2da716fecfd325d21ccf509c431992d9 (diff) | |
kunit: make kunit_kfree() not segfault on invalid inputs
kunit_kfree() can only work on data ("resources") allocated by KUnit.
Currently for code like this,
> void *ptr = kmalloc(4, GFP_KERNEL);
> kunit_kfree(test, ptr);
kunit_kfree() will segfault.
It'll try and look up the kunit_resource associated with `ptr` and get a
NULL back, but it won't check for this. This means we also segfault if
you double-free.
Change kunit_kfree() so it'll notice these invalid pointers and respond
by failing the test.
Implementation: kunit_destroy_resource() does what kunit_kfree() does,
but is more generic and returns -ENOENT when it can't find the resource.
Sadly, unlike just letting it crash, this means we don't get a stack
trace. But kunit_kfree() is so infrequently used it shouldn't be hard to
track down the bad callsite anyways.
After this change, the above code gives:
> # example_simple_test: EXPECTATION FAILED at lib/kunit/test.c:702
> kunit_kfree: 00000000626ec200 already freed or not allocated by kunit
Signed-off-by: Daniel Latypov <dlatypov@google.com>
Reviewed-by: David Gow <davidgow@google.com>
Reviewed-by: Brendan Higgins <brendanhiggins@google.com>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
Diffstat (limited to 'lib/decompress_unlzo.c')
0 files changed, 0 insertions, 0 deletions