The return value of futex_find_get_task() needs to be -ESRCH in case that the search fails. This was part of the original futex fixes and got accidentally dropped, when the futex-tidy-up patch was split out. Results in a NULL pointer dereference in case the search fails. Restore it. Signed-off-by: Thomas Gleixner Cc: Ingo Molnar Cc: Ulrich Drepper Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman --- kernel/futex.c | 14 ++++++-------- 1 files changed, 6 insertions(+), 8 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index c93ffbf..99dad33 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -390,14 +390,12 @@ static struct task_struct * futex_find_get_task(pid_t pid) rcu_read_lock(); p = find_task_by_pid(pid); - if (!p) - goto out_unlock; - if ((current->euid != p->euid) && (current->euid != p->uid)) { - p = NULL; - goto out_unlock; - } - get_task_struct(p); -out_unlock: + + if (!p || ((current->euid != p->euid) && (current->euid != p->uid))) + p = ERR_PTR(-ESRCH); + else + get_task_struct(p); + rcu_read_unlock(); return p; -- 1.5.2.4
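Review bot: the failure path now returns ERR_PTR(-ESRCH) instead of NULL, so this only closes the NULL dereference described in the message if every caller of futex_find_get_task() tests the result with IS_ERR() rather than comparing against NULL; the hunk does not show the callers, so that should be confirmed before merging, since a caller still doing `if (!p)` would now dereference the error pointer. A short comment above the function stating that it returns an ERR_PTR on failure (both for a missing pid and for the euid/uid mismatch, which this hunk folds into one condition) would make that contract visible to future callers. Minor style point: the two bare `+` lines around the new `if` add blank lines after `find_task_by_pid()` and before `rcu_read_unlock()` that the original did not have.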