On 4/29/21 4:39 AM, Shahab Vahedi wrote:
> On 4/23/21 9:52 PM, Vineet Gupta wrote:
>> diff --git a/arch/arc/kernel/entry.S b/arch/arc/kernel/entry.S
>> index 1743506081da..aea9b558993d 100644
>> --- a/arch/arc/kernel/entry.S
>> +++ b/arch/arc/kernel/entry.S
>> @@ -255,7 +255,7 @@ ENTRY(EV_Trap)
>>
On 4/23/21 9:52 PM, Vineet Gupta wrote:
> diff --git a/arch/arc/kernel/entry.S b/arch/arc/kernel/entry.S
> index 1743506081da..aea9b558993d 100644
> --- a/arch/arc/kernel/entry.S
> +++ b/arch/arc/kernel/entry.S
> @@ -255,7 +255,7 @@ ENTRY(EV_Trap)
> ; Normal syscall case
>
>
We have NR_syscall syscalls from [0 .. NR_syscall-1].
However the check for invalid syscall number is "> NR_syscall".
This off-by-one error erronesously allows "NR_syscall" itself as valid
and when passed causes out-of-bounds syscall-call table access leading
to crash.
This problem showed up when
