From 3b2fffd644e009aa93b4554ace4276244b44bfd4 Mon Sep 17 00:00:00 2001
From: Daniel Mack <daniel@zonque.org>
Date: Mon, 8 Dec 2014 10:28:00 +0100
Subject: resources: make sure vec sources are not accessed illegally

VEC source addresses are no longer valid after the SEND ioctl
returns. Add a boolean flag to track that, and BUG_ON() in case
someone calls kdbus_kmsg_make_vec_slice() from invalid contexts.

Signed-off-by: Daniel Mack <daniel@zonque.org>
---
 handle.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'handle.c')

diff --git a/handle.c b/handle.c
index 68ac7ae1010..de5c4f057cd 100644
--- a/handle.c
+++ b/handle.c
@@ -615,6 +615,12 @@ static long handle_ep_ioctl_connected(struct file *file, unsigned int cmd,
 				ret = -EFAULT;
 		}
 
+		/*
+		 * Once the ioctl returns, the src_addr pointers stored in
+		 * the message resources are no longer valid. Make sure
+		 * nobody accesses them by accident.
+		 */
+		kmsg->res->vec_src_valid = false;
 		kdbus_kmsg_free(kmsg);
 		break;
 	}
-- 
cgit v1.2.3