* [PATCH] latencytop: fix kernel panic while reading latency proc file
@ 2008-02-14 18:26 Hiroshi Shimamoto
From: Hiroshi Shimamoto @ 2008-02-14 18:26 UTC (permalink / raw)
  To: linux-kernel; +Cc: Arjan van de Ven, Ingo Molnar

From: Hiroshi Shimamoto <h-shimamoto@ct.jp.nec.com>

Reading /proc/<pid>/latency or /proc/<pid>/task/<tid>/latency could cause
a NULL pointer dereference.

In lstats_open(), get_proc_task() can return NULL, in which case the kernel
will oops at lstats_show_proc() because m->private is NULL.

When get_proc_task() returns NULL, the kernel should return -ENOENT.

This can be reproduced by the following script.
while :
do
        date
        bash -c 'ls > ls.$$' &
        pid=$!
        cat /proc/$pid/latency &
        cat /proc/$pid/latency &
        cat /proc/$pid/latency &
        cat /proc/$pid/latency
done

Signed-off-by: Hiroshi Shimamoto <h-shimamoto@ct.jp.nec.com>
---
 fs/proc/base.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 7c6b4ec..1710b03 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -350,6 +350,8 @@ static int lstats_open(struct inode *inode, struct file *file)
 	struct seq_file *m;
 	struct task_struct *task = get_proc_task(inode);
 
+	if (!task)
+		return -ENOENT;
 	ret = single_open(file, lstats_show_proc, NULL);
 	if (!ret) {
 		m = file->private_data;
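
Review bot: The failure branch of single_open() should be checked for a leaked task reference. get_proc_task() is called in the declaration of task, and the visible context only handles the ret == 0 case with "if (!ret) {". If the code after this context does not already do so, the non-zero ret path should call put_task_struct(task) before returning, otherwise each failed open pins a task_struct. The new early return itself is safe because no reference is held when task is NULL. A minor point: the commit message says the function "should return -ENOENT" without saying why that code was chosen, and a one-line rationale in the changelog would help readers who look for a specific errno when the task has already exited.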
-- 
1.5.3.8

