[Devel] [PATCH] fs: Fix invalid dereference in proc_sys_getattr()
Kirill Tkhai
ktkhai at virtuozzo.com
Mon Apr 3 02:35:37 PDT 2017
grab_header() may return -ENOENT. In this case root in the below
struct ctl_table_header *head = grab_header(inode);
struct ctl_table_root *root = head->root;
dereferences (void *)-ENOENT, that leads to page fault and crash.
Fix that.
https://jira.sw.ru/browse/PSBM-56704
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
fs/proc/proc_sysctl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
index 1727eabfb4e..3c05a5592e3 100644
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -758,12 +758,14 @@ static int proc_sys_getattr(struct vfsmount *mnt, struct dentry *dentry, struct
{
struct inode *inode = dentry->d_inode;
struct ctl_table_header *head = grab_header(inode);
- struct ctl_table_root *root = head->root;
struct ctl_table *table = PROC_I(inode)->sysctl_entry;
+ struct ctl_table_root *root;
if (IS_ERR(head))
return PTR_ERR(head);
+ root = head->root;
+
generic_fillattr(inode, stat);
if (table) {
More information about the Devel
mailing list