tracing: Prevent kernel oops with corrupted buffer

If the contents of the ftrace ring buffer gets corrupted and the trace file is read, it could create a kernel oops (usualy just killing the user task thread). This is caused by the checking of the pid in the buffer. If the pid is negative, it still references the cmdline cache array, which could point to an invalid address. The simple fix is to test for negative PIDs. Signed-off-by: Steven Rostedt <rostedt@goodmis.org>

tracing: Prevent kernel oops with corrupted buffer
If the contents of the ftrace ring buffer gets corrupted and the trace file is read, it could create a kernel oops (usualy just killing the user task thread). This is caused by the checking of the pid in the buffer. If the pid is negative, it still references the cmdline cache array, which could point to an invalid address. The simple fix is to test for negative PIDs. Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
74bf4076 · Steven Rostedt · Steven Rostedt · f6760aa0 · 74bf4076
Commit 74bf4076 authored Jan 25, 2010 by Steven Rostedt Committed by Steven Rostedt Jan 25, 2010
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

kernel/trace/trace.c kernel/trace/trace.c +5 -0

No files found.
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -951,6 +951,11 @@ void trace_find_cmdline(int pid, char comm[])
 		return;
 	}
+	if (WARN_ON_ONCE(pid < 0)) {
+		strcpy(comm, "<XXX>");
+		return;
+	}
 	if (pid > PID_MAX_DEFAULT) {
 		strcpy(comm, "<...>");
 		return;