aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHiroshi Shimamoto <h-shimamoto@ct.jp.nec.com>2008-02-14 13:26:24 -0500
committerIngo Molnar <mingo@elte.hu>2008-02-25 10:34:17 -0500
commitae0027869db7d28563cd783865fab04ffd18419c (patch)
tree9d57da1dd823e9413fd539a4a60e09df6fe630f8
parent2d07b255c7b8a9723010e5c74778e058dc05162e (diff)
latencytop: fix kernel panic while reading latency proc file
Reading /proc/<pid>/latency or /proc/<pid>/task/<tid>/latency could cause NULL pointer dereference. In lstats_open(), get_proc_task() can return NULL, in which case the kernel will oops at lstats_show_proc() because m->private is NULL. When get_proc_task() returns NULL, the kernel should return -ENOENT. This can be reproduced by the following script. while : do date bash -c 'ls > ls.$$' & pid=$! cat /proc/$pid/latency & cat /proc/$pid/latency & cat /proc/$pid/latency & cat /proc/$pid/latency done Signed-off-by: Hiroshi Shimamoto <h-shimamoto@ct.jp.nec.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
-rw-r--r--fs/proc/base.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 96ee899d6502..989e3078d7af 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -350,6 +350,8 @@ static int lstats_open(struct inode *inode, struct file *file)
350 struct seq_file *m; 350 struct seq_file *m;
351 struct task_struct *task = get_proc_task(inode); 351 struct task_struct *task = get_proc_task(inode);
352 352
353 if (!task)
354 return -ENOENT;
353 ret = single_open(file, lstats_show_proc, NULL); 355 ret = single_open(file, lstats_show_proc, NULL);
354 if (!ret) { 356 if (!ret) {
355 m = file->private_data; 357 m = file->private_data;