[PATCH] avoid out of bounds array reference in save_trace()

From: Luck, Tony
Date: Wed Dec 09 2009 - 17:29:46 EST

Next message: Roland Dreier: "Re: [PATCH] IB/uverbs: PTR_ERR return of wrong pointer in ib_uverbs_get_context()"
Previous message: Alan Stern: "Re: Async resume patch (was: Re: [GIT PULL] PM updates for 2.6.33)"
Next in thread: Peter Zijlstra: "Re: [PATCH] avoid out of bounds array reference in save_trace()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

ia64 found this the hard way (because we currently have a stub for
save_stack_trace() that does nothing). But it would be a good idea to
be cautious in case a real save_stack_trace() bailed out with an
error before it set trace->nr_entries.

Signed-off-by: Tony Luck <tony.luck@xxxxxxxxx>

---

diff --git a/kernel/lockdep.c b/kernel/lockdep.c
index 03c06af..429540c 100644
--- a/kernel/lockdep.c
+++ b/kernel/lockdep.c
@@ -387,7 +387,8 @@ static int save_trace(struct stack_trace *trace)
* complete trace that maxes out the entries provided will be reported
* as incomplete, friggin useless </rant>
*/
- if (trace->entries[trace->nr_entries-1] == ULONG_MAX)
+ if (trace->nr_entries != 0 &&
+ trace->entries[trace->nr_entries-1] == ULONG_MAX)
trace->nr_entries--;

trace->max_entries = trace->nr_entries;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roland Dreier: "Re: [PATCH] IB/uverbs: PTR_ERR return of wrong pointer in ib_uverbs_get_context()"
Previous message: Alan Stern: "Re: Async resume patch (was: Re: [GIT PULL] PM updates for 2.6.33)"
Next in thread: Peter Zijlstra: "Re: [PATCH] avoid out of bounds array reference in save_trace()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]