lockdep: Avoid out of bounds array reference in save_trace()
Luck, Tony [Wed, 9 Dec 2009 22:29:36 +0000 (14:29 -0800)]
ia64 found this the hard way (because we currently have a stub
for save_stack_trace() that does nothing). But it would be a
good idea to  be cautious in case a real save_stack_trace()
bailed out with an error before it set trace->nr_entries.

Signed-off-by: Tony Luck <tony.luck@intel.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: luming.yu@intel.com
LKML-Reference: <4b2024d085302c2a2@agluck-desktop.sc.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

kernel/lockdep.c

index 7a3ae56..4f8df01 100644 (file)
@@ -386,7 +386,8 @@ static int save_trace(struct stack_trace *trace)
         * complete trace that maxes out the entries provided will be reported
         * as incomplete, friggin useless </rant>
         */
-       if (trace->entries[trace->nr_entries-1] == ULONG_MAX)
+       if (trace->nr_entries != 0 &&
+           trace->entries[trace->nr_entries-1] == ULONG_MAX)
                trace->nr_entries--;
 
        trace->max_entries = trace->nr_entries;