flat: fix uninitialized ptr with shared libs
Linus Torvalds [Thu, 6 Aug 2009 22:09:34 +0000 (15:09 -0700)]
The new credentials code broke load_flat_shared_library() as it now uses
an uninitialized cred pointer.

Reported-by: Bernd Schmidt <bernds_cb1@t-online.de>
Tested-by: Bernd Schmidt <bernds_cb1@t-online.de>
Cc: Mike Frysinger <vapier@gentoo.org>
Cc: David Howells <dhowells@redhat.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

fs/binfmt_flat.c

index 697f6b5..e92f229 100644 (file)
@@ -828,15 +828,22 @@ static int load_flat_shared_library(int id, struct lib_info *libs)
        if (IS_ERR(bprm.file))
                return res;
 
+       bprm.cred = prepare_exec_creds();
+       res = -ENOMEM;
+       if (!bprm.cred)
+               goto out;
+
        res = prepare_binprm(&bprm);
 
        if (res <= (unsigned long)-4096)
                res = load_flat_file(&bprm, libs, id, NULL);
-       if (bprm.file) {
-               allow_write_access(bprm.file);
-               fput(bprm.file);
-               bprm.file = NULL;
-       }
+
+       abort_creds(bprm.cred);
+
+out:
+       allow_write_access(bprm.file);
+       fput(bprm.file);
+
        return(res);
 }