
[-mm,1/1] ptrace: PTRACE_GETFDPIC: fix the unsafe usage of child->mm

Message ID 20100522165401.GB19573@redhat.com (mailing list archive)
State Not Applicable

Commit Message

Oleg Nesterov May 22, 2010, 4:54 p.m. UTC
None

Patch

--- 34-rc1/kernel/ptrace.c~PTRACE_FDPIC	2010-05-22 18:04:47.000000000 +0200
+++ 34-rc1/kernel/ptrace.c	2010-05-22 18:35:35.000000000 +0200
@@ -598,18 +598,24 @@  int ptrace_request(struct task_struct *c
 
 #ifdef CONFIG_BINFMT_ELF_FDPIC
 	case PTRACE_GETFDPIC: {
+		struct mm_struct *mm = get_task_mm(child);
 		unsigned long tmp = 0;
 
+		ret = -ESRCH;
+		if (!mm)
+			break;
+
 		switch (addr) {
 		case PTRACE_GETFDPIC_EXEC:
-			tmp = child->mm->context.exec_fdpic_loadmap;
+			tmp = mm->context.exec_fdpic_loadmap;
 			break;
 		case PTRACE_GETFDPIC_INTERP:
-			tmp = child->mm->context.interp_fdpic_loadmap;
+			tmp = mm->context.interp_fdpic_loadmap;
 			break;
 		default:
 			break;
 		}
+		mmput(mm);
 
 		ret = put_user(tmp, (unsigned long __user *) data);
 		break;
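Review bot: The new `get_task_mm(child)` / `mmput(mm)` pair in the PTRACE_GETFDPIC case has no comment explaining why the reference is taken, and the commit message body is empty, so the rationale exists only in the subject line. I would add above the declaration something like `/* child->mm is not stable here (presumably the tracee can exit and drop it); pin it with get_task_mm() */`, and note next to `ret = -ESRCH;` that a NULL mm is reported as "no such process". Separately, the `default:` arm still leaves `tmp` at 0 and continues to `put_user()`, so an unrecognised `addr` returns success with a zero value. Whether that should become `-EINVAL` likely depends on existing userspace expectations, so it deserves a deliberate decision and a comment either way. The enclosing ptrace_request() starts and ends outside this hunk.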