Re: [PATCH] fix sys_prctl() returned uninitialized value

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Serge E. Hallyn" <serue@us.ibm.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: "Andrew G. Morgan" <morgan@kernel.org>,
	Shi Weihua <shiwh@cn.fujitsu.com>,
	"Serge E. Hallyn" <serue@us.ibm.com>,
	linux-security-module@vger.kernel.org,
	LKML <linux-kernel@vger.kernel.org>,
	jmorris@namei.org, ltp-list@lists.sourceforge.net
Subject: Re: [PATCH] fix sys_prctl() returned uninitialized value
Date: Thu, 22 May 2008 14:17:50 -0500	[thread overview]
Message-ID: <20080522191750.GA14289@us.ibm.com> (raw)
In-Reply-To: <20080521222551.8d8e064a.akpm@linux-foundation.org>

Quoting Andrew Morton (akpm@linux-foundation.org):
> On Wed, 21 May 2008 22:01:17 -0700 "Andrew G. Morgan" <morgan@kernel.org> wrote:
> 
> > this is the default expected by the subsequent switch ().
> > 
> > Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
> > ---
> >  kernel/sys.c |    2 ++
> >  1 files changed, 2 insertions(+), 0 deletions(-)
> > 
> > diff --git a/kernel/sys.c b/kernel/sys.c
> > index 895d2d4..cb25a64 100644
> > --- a/kernel/sys.c
> > +++ b/kernel/sys.c
> > @@ -1657,6 +1657,8 @@ asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3,
> >  	if (security_task_prctl(option, arg2, arg3, arg4, arg5, &error))
> >  		return error;
> >  
> > +	error = 0;
> > +
> >  	switch (option) {
> >  		case PR_SET_PDEATHSIG:
> >  			if (!valid_signal(arg2)) {
> 
> Looking at it some more there are two cases which don't initialise
> `error': PR_SET_PDEATHSIG and PR_SET_DUMPABLE.  (let's set aside the
> silliness of having sys_prctl() perform set_dumpable()'s argument
> checking for it).

Hmm, I don't know what kernel version I was looking at, or whose glasses
I was wearing at the time.  Clearly these are the two...

> So I would propose this fix, mainly because it removes that nasty
> uninitialized_var().  Please review carefully.
> 
> 
> 
> From: Shi Weihua <shiwh@cn.fujitsu.com> 
> 
> If none of the switch cases match, the PR_SET_PDEATHSIG and
> PR_SET_DUMPABLE cases of the switch statement will never write to local
> variable `error'.
> 
> Signed-off-by: Shi Weihua <shiwh@cn.fujitsu.com> 
> Cc: Andrew G. Morgan <morgan@kernel.org>
> Cc: "Serge E. Hallyn" <serue@us.ibm.com>

Acked-by: Serge Hallyn <serue@us.ibm.com>

> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
> ---
> 
>  kernel/sys.c |    6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff -puN kernel/sys.c~sys_prctl-fix-return-of-uninitialized-value kernel/sys.c
> --- a/kernel/sys.c~sys_prctl-fix-return-of-uninitialized-value
> +++ a/kernel/sys.c
> @@ -1652,7 +1652,7 @@ asmlinkage long sys_umask(int mask)
>  asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3,
>  			  unsigned long arg4, unsigned long arg5)
>  {
> -	long uninitialized_var(error);
> +	long error = 0;
> 
>  	if (security_task_prctl(option, arg2, arg3, arg4, arg5, &error))
>  		return error;
> @@ -1701,9 +1701,7 @@ asmlinkage long sys_prctl(int option, un
>  			error = PR_TIMING_STATISTICAL;
>  			break;
>  		case PR_SET_TIMING:
> -			if (arg2 == PR_TIMING_STATISTICAL)
> -				error = 0;
> -			else
> +			if (arg2 != PR_TIMING_STATISTICAL)
>  				error = -EINVAL;
>  			break;
> 
> _

     prev parent reply	other threads:[~2008-05-22 22:58 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-05-22  3:19 [PATCH] fix sys_prctl() returned uninitialized value Shi Weihua
2008-05-22  3:32 ` Andrew Morton
2008-05-22  4:34   ` [LTP] " Li Zefan
2008-05-22  4:57     ` Andrew Morton
2008-05-22  5:01   ` Andrew G. Morgan
2008-05-22  5:15     ` Andrew Morton
2008-05-22  5:25     ` Andrew Morton
2008-05-22 13:07       ` Andrew G. Morgan
2008-05-22 19:17       ` Serge E. Hallyn [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080522191750.GA14289@us.ibm.com \
    --to=serue@us.ibm.com \
    --cc=akpm@linux-foundation.org \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=ltp-list@lists.sourceforge.net \
    --cc=morgan@kernel.org \
    --cc=shiwh@cn.fujitsu.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.