]>
Commit | Line | Data |
---|---|---|
c0e0a2bf GKH |
1 | From 264b83c07a84223f0efd0d1db9ccc66d6f88288f Mon Sep 17 00:00:00 2001 |
2 | From: Oleg Nesterov <oleg@redhat.com> | |
3 | Date: Thu, 16 May 2013 17:43:55 +0200 | |
4 | Subject: usermodehelper: check subprocess_info->path != NULL | |
5 | ||
6 | From: Oleg Nesterov <oleg@redhat.com> | |
7 | ||
8 | commit 264b83c07a84223f0efd0d1db9ccc66d6f88288f upstream. | |
9 | ||
10 | argv_split(empty_or_all_spaces) happily succeeds, it simply returns | |
11 | argc == 0 and argv[0] == NULL. Change call_usermodehelper_exec() to | |
12 | check sub_info->path != NULL to avoid the crash. | |
13 | ||
14 | This is the minimal fix, todo: | |
15 | ||
16 | - perhaps we should change argv_split() to return NULL or change the | |
17 | callers. | |
18 | ||
19 | - kill or justify ->path[0] check | |
20 | ||
21 | - narrow the scope of helper_lock() | |
22 | ||
23 | Signed-off-by: Oleg Nesterov <oleg@redhat.com> | |
24 | Acked-By: Lucas De Marchi <lucas.demarchi@intel.com> | |
25 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |
26 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
27 | ||
28 | --- | |
29 | kernel/kmod.c | 5 +++++ | |
30 | 1 file changed, 5 insertions(+) | |
31 | ||
32 | --- a/kernel/kmod.c | |
33 | +++ b/kernel/kmod.c | |
34 | @@ -421,6 +421,11 @@ int call_usermodehelper_exec(struct subp | |
35 | int retval = 0; | |
36 | ||
37 | helper_lock(); | |
38 | + if (!sub_info->path) { | |
39 | + retval = -EINVAL; | |
40 | + goto out; | |
41 | + } | |
42 | + | |
43 | if (sub_info->path[0] == '\0') | |
44 | goto out; | |
45 |