From 745611f800961c37a24fa84ce1e287fede622e38 Mon Sep 17 00:00:00 2001 From: anjiahao Date: Tue, 16 Jan 2024 13:30:22 +0800 Subject: [PATCH] kasan:fix bug for kasan_mem_to_shadow Signed-off-by: anjiahao --- mm/kasan/kasan.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c index febd76e9d2..cab1ada376 100644 --- a/mm/kasan/kasan.c +++ b/mm/kasan/kasan.c @@ -149,7 +149,7 @@ static FAR uintptr_t *kasan_mem_to_shadow(FAR const void *ptr, size_t size, size_t mod; size_t i; - if (g_region_init != KASAN_INIT_VALUE) + if (g_region_init != KASAN_INIT_VALUE || size == 0) { return NULL; } @@ -161,7 +161,7 @@ static FAR uintptr_t *kasan_mem_to_shadow(FAR const void *ptr, size_t size, { ret = kasan_find_mem(addr + i * KASAN_SHADOW_SCALE, KASAN_SHADOW_SCALE, bit); - if (ret) + if (ret == NULL) { return ret; } @@ -251,7 +251,7 @@ static bool kasan_is_poisoned(FAR const void *addr, size_t size) FAR uintptr_t *p; unsigned int bit; - p = kasan_mem_to_shadow(addr + size - 1, 1, &bit); + p = kasan_mem_to_shadow(addr, size, &bit); return p && ((*p >> bit) & 1); } @@ -271,7 +271,7 @@ static void kasan_set_poison(FAR const void *addr, size_t size, flags = spin_lock_irqsave(&g_lock); - p = kasan_mem_to_shadow(addr, size, &bit); + p = kasan_find_mem((uintptr_t)addr, size, &bit); DEBUGASSERT(p != NULL); nbit = KASAN_BITS_PER_WORD - bit % KASAN_BITS_PER_WORD;