UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

sparc64: Fix end-of-stack checking in save_stack_trace(). 

Bug reported by Alexander Beregalov.

Before we dereference the stack frame or try to peek at the
pt_regs magic value, make sure the entire object is within
the kernel stack bounds.

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2008-08-07 23:04:37 -07:00
parent 764f2579d9
commit 433c5f7068
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
arch/sparc64/kernel/stacktrace.c
View File

@ -26,13 +26,15 @@ void save_stack_trace(struct stack_trace *trace)
/* Bogus frame pointer? */ /* Bogus frame pointer? */
if (fp < (thread_base + sizeof(struct thread_info)) || if (fp < (thread_base + sizeof(struct thread_info)) ||
fp >= (thread_base + THREAD_SIZE)) fp > (thread_base + THREAD_SIZE - sizeof(struct sparc_stackf)))
break; break;
sf = (struct sparc_stackf *) fp; sf = (struct sparc_stackf *) fp;
regs = (struct pt_regs *) (sf + 1); regs = (struct pt_regs *) (sf + 1);
if ((regs->magic & ~0x1ff) == PT_REGS_MAGIC) { if (((unsigned long)regs <=
(thread_base + THREAD_SIZE - sizeof(*regs))) &&
(regs->magic & ~0x1ff) == PT_REGS_MAGIC) {
if (!(regs->tstate & TSTATE_PRIV)) if (!(regs->tstate & TSTATE_PRIV))
break; break;
pc = regs->tpc; pc = regs->tpc;