On Wed, Sep 11, 2013 at 2:06 AM, Andi Kleen <[email protected]> wrote:
>> Indeed, get_wchan ensures that fp<stack+THREAD_SIZE, but then dereferences
>> fp+8:
>>
>>         if (fp < (unsigned long)stack ||
>>             fp >= (unsigned long)stack+THREAD_SIZE)
>>                 return 0;
>>         ip = *(u64 *)(fp+8);
>>
>> It must check that fp+8<stack+THREAD_SIZE.
>> As far as I see, the bug can lead to garbage return values or in the
>> worst case to crash.
>
> Thanks for the report.
>
> The change looks good to me. Can you please submit a formal signed off patch
> to [email protected] ?

Hi Andi,

Wolfram has a patch for it.
Wolfram, please send your patch to [email protected].
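The bounds problem reported in the quoted message, as an added user-space model that is not part of the original thread and not kernel code: it compares the quoted check with one that requires the whole 8-byte read at fp+8 to fit inside the stack. `THREAD_SIZE`'s value, `model_stack` and all function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define THREAD_SIZE 8192u            /* assumed stack size for this model */
#define WORD sizeof(uint64_t)

/* Constructed stand-in for a task's kernel stack. */
static unsigned char model_stack[THREAD_SIZE];

/* Check as quoted in the report: only fp itself is range-checked. */
static int fp_ok_reported(uintptr_t stack, uintptr_t fp)
{
    return !(fp < stack || fp >= stack + THREAD_SIZE);
}

/* Stricter check: the whole 8-byte read at fp+8 must end inside the stack. */
static int fp_ok_strict(uintptr_t stack, uintptr_t fp)
{
    return !(fp < stack || fp > stack + THREAD_SIZE - 2 * WORD);
}

/* Bytes of the read at fp+8 that land past the end of the stack. */
static size_t overrun(uintptr_t stack, uintptr_t fp)
{
    uintptr_t end = fp + 2 * WORD, top = stack + THREAD_SIZE;
    return end > top ? (size_t)(end - top) : 0;
}

/* Fetch the saved return address of the frame at fp, or 0 if out of range. */
static uint64_t saved_ip(uintptr_t fp)
{
    uintptr_t base = (uintptr_t)model_stack;
    uint64_t ip;

    if (!fp_ok_strict(base, fp))
        return 0;
    memcpy(&ip, model_stack + (fp - base) + WORD, sizeof(ip));
    return ip;
}

int main(void)
{
    uintptr_t base = (uintptr_t)model_stack;
    uintptr_t fp = base + THREAD_SIZE - WORD;   /* last word of the stack */

    printf("reported=%d strict=%d overrun=%zu\n", fp_ok_reported(base, fp),
           fp_ok_strict(base, fp), overrun(base, fp));
    return 0;
}
```

For an 8-byte-aligned fp the strict condition accepts the same frame pointers as the fp+8<stack+THREAD_SIZE condition from the report.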

