Hello all.

This is a small patch that fixes a serious bug.

When we open /proc/xenomai/stat, the function stat_seq_open kmallocs the area, writes the data and increments iter->nentries.
The last increment of this value reaches "count",
and at the next iteration "stat_info->cpu = cpu;" writes zero to an illegal address!

Here is my proposed fix.

=====patch start=====>
diff -Nur xenomai-2.4.4-org/ksrc/nucleus/module.c 
xenomai-2.4.4/ksrc/nucleus/module.c
--- xenomai-2.4.4-org/ksrc/nucleus/module.c 2008-06-02 00:44:48.000000000 +0900
+++ xenomai-2.4.4/ksrc/nucleus/module.c 2008-07-29 09:46:45.000000000 +0900
@@ -443,6 +443,9 @@
   int cpu = 0;
   int err;
 
+  if (iter->nentries >= count)
+   break;
+
   /* ...over all shared IRQs on all CPUs */
   while (1) {
    stat_info = &iter->stat_info[iter->nentries];
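Review bot: the `break` added above `while (1)` is outside the only loop visible in this hunk, so it leaves whatever construct encloses the `int cpu = 0;` block; please confirm that this is the loop you intend to leave, and add a comment saying so. Stopping here also truncates the listing silently. The commit message should explain why `count` can be smaller than the number of entries written, because correcting how `count` is computed before the allocation would fix the cause rather than the symptom. The `break;` line is indented one space deeper than its `if`, so check that the patch whitespace survived mailing.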
@@ -464,7 +467,9 @@
    stat_info->pf = 0;
 
    iter->nentries++;
-  };
+   if (iter->nentries >= count)
+    break;
+  }
  }
 
  seq = file->private_data;
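Review bot: the test added after `iter->nentries++;` runs only once an entry has already been written, so the store through `&iter->stat_info[iter->nentries]` at the top of the `while (1)` body is still protected only indirectly, by the separate check placed before the loop. Putting `if (iter->nentries >= count) break;` as the first statement of the loop body, directly before the indexing, would keep the bound check next to the access it guards and make it hold on the first pass too. Note also that this `break` leaves only the inner `while (1)`; the enclosing block still needs its own exit, which is worth a one-line comment.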
<=====patch end=====

I hope someone who knows this function well will solve the problem.

Regards,

Atsushi KATAGIRI
Software Engineer
A&D Company, Limited
Tokyo, Japan

