| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20201209112100.47653-2-yahu.gao@windriver.com>
Date: Wed, 9 Dec 2020 19:21:00 +0800
From: Yahu Gao <yahu.gao@...driver.com>
To: Alexey Dobriyan <adobriyan@...il.com>
Cc: linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
yahu.gao@...driver.com
Subject: [PATCH] fs/proc: Fix NULL pointer dereference in pid_delete_dentry
Get the staus of task from the pointer of proc inode directly is not
safe. The function get_proc_task make it happen in RCU protection.
Signed-off-by: Yahu Gao <yahu.gao@...driver.com>
---
fs/proc/base.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 1bc9bcdef09f..05f33bb35067 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1994,7 +1994,7 @@ static int pid_revalidate(struct dentry *dentry, unsigned int flags)
static inline bool proc_inode_is_dead(struct inode *inode)
{
- return !proc_pid(inode)->tasks[PIDTYPE_PID].first;
+ return !get_proc_task(inode);
}
int pid_delete_dentry(const struct dentry *dentry)
--
2.25.1
Powered by blists - more mailing lists