authorNeil Horman <nhorman@tuxdriver.com>2007-10-17 02:26:36 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-17 11:42:50 -0400
commit323211371073ce4a99b6efc69379589d6a640d35 (patch)
treed69c0b023cfa1afdc64e4de8bc27ec03195b8088
parent74aadce986052f20088c2678f589ea0e8d3a4b59 (diff)
core_pattern: fix up a few miscellaneous bugs
Fix do_coredump to detect a crash in the user mode helper process and abort the attempt to recursively dump core to another copy of the helper process, potentially ad-infinitum. [akpm@linux-foundation.org: cleanups] Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Cc: <martin.pitt@ubuntu.com> Cc: <wwoods@redhat.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/exec.c17
1 files changed, 15 insertions, 2 deletions
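diff --git a/fs/exec.c b/fs/exec.c
index 6450157062ea..cbd183daaad4 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1762,14 +1762,27 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
 goto fail_unlock;
 
 if (ispipe) {
-core_limit = RLIM_INFINITY;
 helper_argv = argv_split(GFP_KERNEL, corename+1, &helper_argc);
 /* Terminate the string before the first option */
 delimit = strchr(corename, ' ');
 if (delimit)
 *delimit = '\0';
+delimit = strrchr(helper_argv[0], '/');
+if (delimit)
+delimit++;
+else
+delimit = helper_argv[0];
+if (!strcmp(delimit, current->comm)) {
+printk(KERN_NOTICE "Recursive core dump detected, "
+"aborting\n");
+goto fail_unlock;
+}
+
+core_limit = RLIM_INFINITY;
+
 /* SIGPIPE can happen, but it's just never processed */
-if(call_usermodehelper_pipe(corename+1, helper_argv, NULL, &file)) {
+if (call_usermodehelper_pipe(corename+1, helper_argv, NULL,
+&file)) {
 printk(KERN_INFO "Core dump to %s pipe failed\n",
 corename);
 goto fail_unlock;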
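Review bot: The added `strrchr(helper_argv[0], '/')` dereferences the result of `argv_split()` with no check, whereas the old code only passed the vector on; if `argv_split()` can return NULL on allocation failure, or a vector whose first slot is NULL when the pattern is a bare `|` (its definition is not on this page, so confirm), this is a NULL dereference in the crash path, and a guard such as `if (!helper_argv || !helper_argv[0]) goto fail_unlock;` ahead of the `strrchr` would close it. Separately, the recursion test `!strcmp(delimit, current->comm)` matches on a task name only: `comm` is a short fixed-size field that a task can change, so a helper whose basename is longer than the field would presumably never match, and any unrelated process that shares the helper's basename has its dump dropped with only a KERN_NOTICE line. A comment above the test stating that it is a best-effort name match rather than an identity check would help, and a check tied to the helper process itself would be more robust. `do_coredump` starts and ends outside the hunk, so whether the `fail_unlock` path releases `helper_argv` cannot be judged from here.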