kernel NULL ptr dereference in drivers/char/tty_io.c:do_SAK()

Sam Mortimer (csc4sjm@gps.leeds.ac.uk)
Tue, 22 Oct 1996 17:19:23 +0100 (BST)


tty_io.c:do_SAK() dereferences the `files' element of a task_struct without
first checking that it is not NULL. This has caused a GPF to occur twice
on my machine. The following patch fixes it, I think. Is it good enough?
Or would interrupts have to be disabled to make it completely safe?

--- linux/drivers/char/tty_io.c.orig Tue Oct 22 11:56:46 1996
+++ linux/drivers/char/tty_io.c Tue Oct 22 11:56:34 1996
@@ -1714,7 +1714,7 @@
if (((*p)->tty == tty) ||
((session > 0) && ((*p)->session == session)))
send_sig(SIGKILL, *p, 1);
- else {
+ else if ((*p)->files) {
for (i=0; i < NR_OPEN; i++) {
filp = (*p)->files->fd[i];
if (filp && (filp->f_op == &tty_fops) &&
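
Review bot: The NULL test in `else if ((*p)->files)` and the use in `filp = (*p)->files->fd[i];` read the pointer separately, and the loop re-reads `(*p)->files` on each of its NR_OPEN iterations, so the check only covers the instant it is made. If `files` can become NULL while do_SAK() is walking the task list (the case the interrupt question in the message is asking about), the dereference inside the loop can still fault. Consider loading `(*p)->files` into a local once, testing the local, and indexing `fd[i]` through it, which at least makes the check and the use refer to the same value. Whether that is sufficient depends on how `files` is cleared and freed, which this hunk does not show. A short comment saying when a task can have a NULL `files` would also help the next reader understand why the branch is conditional.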

-Sam.
please cc follow-ups to csc4sjm@gps.leeds.ac.uk