| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Feb 2011 23:14:27 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: Willy Tarreau <w@....eu>
Cc: linux-kernel@...r.kernel.org, stable@...nel.org,
stable-review@...nel.org, Slava Pestov <slavapestov@...gle.com>,
Greg Kroah-Hartman <gregkh@...e.de>,
Steven Rostedt <rostedt@...dmis.org>
Subject: Re: [Stable-review] [PATCH 20/23] tracing: Fix panic when lseek()
called on "trace" opened for writing
On Mon, 2011-02-07 at 00:23 +0100, Willy Tarreau wrote:
> 2.6.27.58-stable review patch. If anyone has any objections, please let us know.
>
> ------------------
>
> From: Slava Pestov <slavapestov@...gle.com>
>
> commit 364829b1263b44aa60383824e4c1289d83d78ca7 upstream.
>
> The file_ops struct for the "trace" special file defined llseek as seq_lseek().
> However, if the file was opened for writing only, seq_open() was not called,
> and the seek would dereference a null pointer, file->private_data.
>
> This patch introduces a new wrapper for seq_lseek() which checks if the file
> descriptor is opened for reading first. If not, it does nothing.
[...]
> --- longterm-2.6.27.orig/kernel/trace/trace.c 2011-01-23 10:52:37.000000000 +0100
> +++ longterm-2.6.27/kernel/trace/trace.c 2011-01-29 11:42:07.287067215 +0100
> @@ -2041,17 +2041,25 @@
> return ret;
> }
>
> +static loff_t tracing_seek(struct file *file, loff_t offset, int origin)
[...]
> + .llseek = tracing_lseek,
[...]
> + .llseek = tracing_lseek,
[...]
These names don't agree!
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists