possible bug in ipc/msg.c

Michael Adda (m_photon@usa.net)
Fri, 27 Mar 1998 00:26:09

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ricky Beam: "Re: Modified floppies can crash Linux (fwd)"
Previous message: Ricky Beam: "Re: Modified floppies can crash Linux (fwd)"

hi
first, i hope that this is the right place, :-> ,
since i an not sure about the 'finding' ...
i need an advice. i am currently reading the kernel's code
systematiclay, and i believe i stumbled into a bug in ipc/msg.c
lines
326,329. i am talking about kernel 2.0.30-2.0.33 ( which i am
working
with ) and not about the development kernels... please read the
relevent code ...
since we are no longer ( between this lines ) in atomic operations,
someone can suspend are in say line 326, recieve the current
message (the one we have nmsg as pointer to ) and leave us with pointer to
garbage...
i belive that we should put lines 326-329 in cli/restoreflags()
pair
after checking that the message is valid via the pointer flag ( not
IPC_UNUSED/IPC_NOOID ).
i hope that i am not bothering you for nothing...
there are similar problems in the rest of the ipc.
if it is realy a bug as i believe then i will happily write
a patch. :-)

thank you for your time
Michael ( m_photon@usa.net )

____________________________________________________________________
Get free e-mail and a permanent address at http://www.netaddress.com

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Ricky Beam: "Re: Modified floppies can crash Linux (fwd)"
Previous message: Ricky Beam: "Re: Modified floppies can crash Linux (fwd)"