kdb: do a sanity check on the cpu in kdb_per_cpu()

The "whichcpu" comes from argv[3].  The cpu_online() macro looks up the
cpu in a bitmap of online cpus, but if the value is too high then it
could read beyond the end of the bitmap and possibly Oops.

Fixes: 5d5314d6795f ("kdb: core for kgdb back end (1 of 2)")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>

diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index fc96dbf8d9de95ee02c5c067e1b34dc94641db61..9ecfa37c7fbfc2ba52d79c62d8e1991b0d28538a 100644 (file)
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -2583,7 +2583,7 @@ static int kdb_per_cpu(int argc, const char **argv)
                diag = kdbgetularg(argv[3], &whichcpu);
                if (diag)
                        return diag;
-               if (!cpu_online(whichcpu)) {
+               if (whichcpu >= nr_cpu_ids || !cpu_online(whichcpu)) {
                        kdb_printf("cpu %ld is not online\n", whichcpu);
                        return KDB_BADCPUNUM;
                }