From: Alexey Dobriyan Date: Mon, 16 Jul 2007 06:40:21 +0000 (-0700) Subject: /proc/*/environ: wrong placing of ptrace_may_attach() check X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=da58a1617343e345d435953a0f32024997a95164;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git /proc/*/environ: wrong placing of ptrace_may_attach() check It's a bit dopey-looking and can permit a task to cause a pagefault in an mm which it doesn't have permission to read from. Signed-off-by: Alexey Dobriyan Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/proc/base.c b/fs/proc/base.c index 46ea5d56e1bb..d0921944e68c 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -204,12 +204,17 @@ static int proc_pid_environ(struct task_struct *task, char * buffer) int res = 0; struct mm_struct *mm = get_task_mm(task); if (mm) { - unsigned int len = mm->env_end - mm->env_start; + unsigned int len; + + res = -ESRCH; + if (!ptrace_may_attach(task)) + goto out; + + len = mm->env_end - mm->env_start; if (len > PAGE_SIZE) len = PAGE_SIZE; res = access_process_vm(task, mm->env_start, buffer, len, 0); - if (!ptrace_may_attach(task)) - res = -ESRCH; +out: mmput(mm); } return res;