lockdep: Avoid out of bounds array reference in save_trace()
authorLuck, Tony <tony.luck@intel.com>
Wed, 9 Dec 2009 22:29:36 +0000 (14:29 -0800)
committerIngo Molnar <mingo@elte.hu>
Thu, 10 Dec 2009 07:29:33 +0000 (08:29 +0100)
ia64 found this the hard way (because we currently have a stub
for save_stack_trace() that does nothing). But it would be a
good idea to  be cautious in case a real save_stack_trace()
bailed out with an error before it set trace->nr_entries.

Signed-off-by: Tony Luck <tony.luck@intel.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: luming.yu@intel.com
LKML-Reference: <4b2024d085302c2a2@agluck-desktop.sc.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
kernel/lockdep.c

index 7a3ae56b3a7f6625c7d248982a665a92bf66b174..4f8df01dbe51ad05e1957fa7e1eecd20af7e0765 100644 (file)
@@ -386,7 +386,8 @@ static int save_trace(struct stack_trace *trace)
         * complete trace that maxes out the entries provided will be reported
         * as incomplete, friggin useless </rant>
         */
-       if (trace->entries[trace->nr_entries-1] == ULONG_MAX)
+       if (trace->nr_entries != 0 &&
+           trace->entries[trace->nr_entries-1] == ULONG_MAX)
                trace->nr_entries--;
 
        trace->max_entries = trace->nr_entries;