[PATCH] x86_64: Don't allow accesses below register frame in ptrace
There was a "off by one quad word" error in there. I don't think it is exploitable because it will only store into a unused area, but better to plug it. Found and fixed by John Blackwood Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
b41e29398a
commit
c4d1fcf3a2
|
@ -380,7 +380,7 @@ asmlinkage long sys_ptrace(long request, long pid, unsigned long addr, long data
|
|||
break;
|
||||
|
||||
switch (addr) {
|
||||
case 0 ... sizeof(struct user_regs_struct):
|
||||
case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
|
||||
tmp = getreg(child, addr);
|
||||
break;
|
||||
case offsetof(struct user, u_debugreg[0]):
|
||||
|
@ -425,7 +425,7 @@ asmlinkage long sys_ptrace(long request, long pid, unsigned long addr, long data
|
|||
break;
|
||||
|
||||
switch (addr) {
|
||||
case 0 ... sizeof(struct user_regs_struct):
|
||||
case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
|
||||
ret = putreg(child, addr, data);
|
||||
break;
|
||||
/* Disallows to set a breakpoint into the vsyscall */
|
||||
|
|
Loading…
Reference in New Issue