[PATCH] fix to oopsable race in binfmt_elf.c

Alexander Viro (viro@math.psu.edu)
Sat, 29 Dec 2001 16:59:09 -0500 (EST)


Changing current->fs requires task_lock(current) if old value
is non-NULL. Otherwise we are risking oops on access to /proc/<pid>/{cwd,root}

diff -urN C2-pre3/fs/binfmt_elf.c C2-pre3-fs/fs/binfmt_elf.c
--- C2-pre3/fs/binfmt_elf.c Sat Oct 20 22:16:59 2001
+++ C2-pre3-fs/fs/binfmt_elf.c Sat Dec 29 15:14:18 2001
@@ -517,11 +517,13 @@
set_personality(PER_SVR4);
interpreter = open_exec(elf_interpreter);

+ task_lock(current);
new_domain = current->exec_domain;
new_fs = current->fs;
current->personality = old_pers;
current->exec_domain = old_domain;
current->fs = old_fs;
+ task_unlock(current);
put_exec_domain(new_domain);
put_fs_struct(new_fs);
} else

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/