diff options
author | Luck, Tony <tony.luck@intel.com> | 2009-12-09 23:29:36 +0100 |
---|---|---|
committer | Ingo Molnar <mingo@elte.hu> | 2009-12-10 08:29:33 +0100 |
commit | ea5b41f9d595be354f7a50e56b28c2d72e6e88a5 (patch) | |
tree | cfb23bea9059df20c1c64da92f3619dc0a1038ec /kernel | |
parent | futex: Take mmap_sem for get_user_pages in fault_in_user_writeable (diff) | |
download | linux-ea5b41f9d595be354f7a50e56b28c2d72e6e88a5.tar.xz linux-ea5b41f9d595be354f7a50e56b28c2d72e6e88a5.zip |
lockdep: Avoid out of bounds array reference in save_trace()
ia64 found this the hard way (because we currently have a stub
for save_stack_trace() that does nothing). But it would be a
good idea to be cautious in case a real save_stack_trace()
bailed out with an error before it set trace->nr_entries.
Signed-off-by: Tony Luck <tony.luck@intel.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: luming.yu@intel.com
LKML-Reference: <4b2024d085302c2a2@agluck-desktop.sc.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/lockdep.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/kernel/lockdep.c b/kernel/lockdep.c index 7a3ae56b3a7f..4f8df01dbe51 100644 --- a/kernel/lockdep.c +++ b/kernel/lockdep.c @@ -386,7 +386,8 @@ static int save_trace(struct stack_trace *trace) * complete trace that maxes out the entries provided will be reported * as incomplete, friggin useless </rant> */ - if (trace->entries[trace->nr_entries-1] == ULONG_MAX) + if (trace->nr_entries != 0 && + trace->entries[trace->nr_entries-1] == ULONG_MAX) trace->nr_entries--; trace->max_entries = trace->nr_entries; |