mm/fremap.c: fix oops on error path
If find_vma() fails, sys_remap_file_pages() will dereference `vma', which contains NULL. Fix it by checking the pointer. (We could alternatively check for err==0, but this seems more direct) (The vm_flags change is to squish a bogus used-uninitialised warning without adding extra code). Reported-by: Tommi Rantala <tt.rantala@gmail.com> Cc: Michel Lespinasse <walken@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
c8615d3716
commit
6d7825b10d
|
@ -163,7 +163,8 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
|
|||
* and that the remapped range is valid and fully within
|
||||
* the single existing vma.
|
||||
*/
|
||||
if (!vma || !(vma->vm_flags & VM_SHARED))
|
||||
vm_flags = vma->vm_flags;
|
||||
if (!vma || !(vm_flags & VM_SHARED))
|
||||
goto out;
|
||||
|
||||
if (!vma->vm_ops || !vma->vm_ops->remap_pages)
|
||||
|
@ -254,7 +255,8 @@ get_write_lock:
|
|||
*/
|
||||
|
||||
out:
|
||||
vm_flags = vma->vm_flags;
|
||||
if (vma)
|
||||
vm_flags = vma->vm_flags;
|
||||
if (likely(!has_write_lock))
|
||||
up_read(&mm->mmap_sem);
|
||||
else
|
||||
|
|
Loading…
Reference in New Issue