From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933028Ab2AKKoc (ORCPT ); Wed, 11 Jan 2012 05:44:32 -0500 Received: from mail-tul01m020-f174.google.com ([209.85.214.174]:42618 "EHLO mail-tul01m020-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932584Ab2AKKo2 (ORCPT ); Wed, 11 Jan 2012 05:44:28 -0500 From: Xiaotian Feng To: linux-kernel@vger.kernel.org Cc: Xiaotian Feng , Xiaotian Feng , Al Viro , Andrew Morton , Vasiliy Kulikov , Stephen Wilson , David Rientjes Subject: [PATCH] proc: fix null pointer deref in proc_pid_permission() Date: Wed, 11 Jan 2012 13:47:05 -0500 Message-Id: <1326307625-11561-1-git-send-email-xtfeng@gmail.com> X-Mailer: git-send-email 1.7.5.4 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org get_proc_task() can fail to search the task and return NULL, put_task_struct() will then bomb the kernel with following oops: [ 1870.574045] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 [ 1870.574065] IP: [] proc_pid_permission+0x64/0xe0 [ 1870.574088] PGD 112075067 PUD 112814067 PMD 0 [ 1870.574106] Oops: 0002 [#1] PREEMPT SMP This is a regression introduced by commit 0499680a, kernel should return -ESRCH if get_proc_task() failed. Signed-off-by: Xiaotian Feng Cc: Al Viro Cc: Andrew Morton Cc: Vasiliy Kulikov Cc: Stephen Wilson Cc: David Rientjes --- fs/proc/base.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 8173dfd..5485a53 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -654,6 +654,8 @@ static int proc_pid_permission(struct inode *inode, int mask) bool has_perms; task = get_proc_task(inode); + if (!task) + return -ESRCH; has_perms = has_pid_permissions(pid, task, 1); put_task_struct(task); -- 1.7.5.4