diff options
| author | Dan Aloni <alonid@stratoscale.com> | 2013-09-30 13:45:02 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-10-13 16:08:31 -0700 |
| commit | cc748eed10e7e91c4fbc3a4503537f5748342b16 (patch) | |
| tree | d60e391fe804cec4b1465f3d2c4d74d6704a3316 /sound | |
| parent | fd728b3e6bd0153c78425052da773c95f3fcf332 (diff) | |
| download | linux-3.10-cc748eed10e7e91c4fbc3a4503537f5748342b16.tar.gz linux-3.10-cc748eed10e7e91c4fbc3a4503537f5748342b16.tar.bz2 linux-3.10-cc748eed10e7e91c4fbc3a4503537f5748342b16.zip | |
fs/binfmt_elf.c: prevent a coredump with a large vm_map_count from Oopsing
commit 72023656961b8c81a168a7a6762d589339d0d7ec upstream.
A high setting of max_map_count, and a process core-dumping with a large
enough vm_map_count could result in an NT_FILE note not being written,
and the kernel crashing immediately later because it has assumed
otherwise.
Reproduction of the oops-causing bug described here:
https://lkml.org/lkml/2013/8/30/50
Rge ussue originated in commit 2aa362c49c31 ("coredump: extend core dump
note section to contain file names of mapped file") from Oct 4, 2012.
This patch make that section optional in that case. fill_files_note()
should signify the error, and also let the info struct in
elf_core_dump() be zero-initialized so that we can check for the
optionally written note.
[akpm@linux-foundation.org: avoid abusing E2BIG, remove a couple of not-really-needed local variables]
[akpm@linux-foundation.org: fix sparse warning]
Signed-off-by: Dan Aloni <alonid@stratoscale.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Denys Vlasenko <vda.linux@googlemail.com>
Reported-by: Martin MOKREJS <mmokrejs@gmail.com>
Tested-by: Martin MOKREJS <mmokrejs@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'sound')
0 files changed, 0 insertions, 0 deletions