From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <systemtap-return-8263-listarch-systemtap=sources.redhat.com@sourceware.org>
Received: (qmail 10322 invoked by alias); 3 Mar 2008 22:27:01 -0000
Received: (qmail 10310 invoked by uid 22791); 3 Mar 2008 22:27:00 -0000
X-Spam-Status: No, hits=-2.3 required=5.0 	tests=AWL,BAYES_00,SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: sourceware.org
Received: from mx1.redhat.com (HELO mx1.redhat.com) (66.187.233.31)     by sourceware.org (qpsmtpd/0.31) with ESMTP; Mon, 03 Mar 2008 22:26:41 +0000
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) 	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id m23MQdD9022724; 	Mon, 3 Mar 2008 17:26:39 -0500
Received: from mail.boston.redhat.com (mail.boston.redhat.com [172.16.76.12]) 	by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id m23MQc1G026107; 	Mon, 3 Mar 2008 17:26:38 -0500
Received: from [172.16.83.2] (dhcp83-2.boston.redhat.com [172.16.83.2]) 	by mail.boston.redhat.com (8.13.1/8.13.1) with ESMTP id m23MQapG024757; 	Mon, 3 Mar 2008 17:26:37 -0500
Message-ID: <47CC7B1C.1060305@redhat.com>
Date: Mon, 03 Mar 2008 22:27:00 -0000
From: Masami Hiramatsu <mhiramat@redhat.com>
User-Agent: Thunderbird 2.0.0.12 (X11/20080226)
MIME-Version: 1.0
To: LKML <linux-kernel@vger.kernel.org>,         Andrew Morton <akpm@linux-foundation.org>
CC: Ananth N Mavinakayanahalli <ananth@in.ibm.com>,         systemtap-ml <systemtap@sources.redhat.com>,         Jim Keniston <jkenisto@us.ibm.com>
Subject: [PATCH][2.6.25-rc2-mm1] fix a null pointer bug in register_kretprobe
X-Enigmail-Version: 0.95.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254
X-IsSubscribed: yes
Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <systemtap.sourceware.org>
List-Subscribe: <mailto:systemtap-subscribe@sourceware.org>
List-Post: <mailto:systemtap@sourceware.org>
List-Help: <mailto:systemtap-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: systemtap-owner@sourceware.org
X-SW-Source: 2008-q1/txt/msg00350.txt.bz2

 Fix a bug in regiseter_kretprobe() which does not check
 rp->kp.symbol_name == NULL before calling kprobe_lookup_name.

 For maintainability, this introduces kprobe_addr helper function which
 resolves addr field. It is used by register_kprobe and register_kretprobe.

Signed-off-by: Masami Hiramatsu <mhiramat@redhat.com>
CC: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
CC: Jim Keniston <jkenisto@us.ibm.com>
---
 kernel/kprobes.c |   43 ++++++++++++++++++++++++++-----------------
 1 file changed, 26 insertions(+), 17 deletions(-)

Index: 2.6.25-rc2-mm1/kernel/kprobes.c
===================================================================
--- 2.6.25-rc2-mm1.orig/kernel/kprobes.c	2008-02-18 11:37:18.000000000 -0500
+++ 2.6.25-rc2-mm1/kernel/kprobes.c	2008-02-18 11:37:18.000000000 -0500
@@ -498,27 +498,36 @@ static int __kprobes in_kprobes_function
 	return 0;
 }

+/*
+ * If we have a symbol_name argument, look it up and add the offset field
+ * to it. This way, we can specify a relative address to a symbol.
+ */
+static kprobe_opcode_t __kprobes *kprobe_addr(struct kprobe *p)
+{
+	kprobe_opcode_t *addr = p->addr;
+	if (p->symbol_name) {
+		if (addr)
+			return NULL;
+		kprobe_lookup_name(p->symbol_name, addr);
+	}
+
+	if (!addr)
+		return NULL;
+	return (kprobe_opcode_t *)(((char *)addr) + p->offset);
+}
+
 static int __kprobes __register_kprobe(struct kprobe *p,
 	unsigned long called_from)
 {
 	int ret = 0;
 	struct kprobe *old_p;
 	struct module *probed_mod;
+	kprobe_opcode_t *addr;

-	/*
-	 * If we have a symbol_name argument look it up,
-	 * and add it to the address.  That way the addr
-	 * field can either be global or relative to a symbol.
-	 */
-	if (p->symbol_name) {
-		if (p->addr)
-			return -EINVAL;
-		kprobe_lookup_name(p->symbol_name, p->addr);
-	}
-
-	if (!p->addr)
+	addr = kprobe_addr(p);
+	if (!addr)
 		return -EINVAL;
-	p->addr = (kprobe_opcode_t *)(((char *)p->addr)+ p->offset);
+	p->addr = addr;

 	if (!kernel_text_address((unsigned long) p->addr) ||
 	    in_kprobes_functions((unsigned long) p->addr))
@@ -722,12 +731,12 @@ int __kprobes register_kretprobe(struct
 	int ret = 0;
 	struct kretprobe_instance *inst;
 	int i;
-	void *addr = rp->kp.addr;
+	void *addr;

 	if (kretprobe_blacklist_size) {
-		if (addr == NULL)
-			kprobe_lookup_name(rp->kp.symbol_name, addr);
-		addr += rp->kp.offset;
+		addr = kprobe_addr(&rp->kp);
+		if (!addr)
+			return -EINVAL;

 		for (i = 0; kretprobe_blacklist[i].name != NULL; i++) {
 			if (kretprobe_blacklist[i].addr == addr)
-- 
Masami Hiramatsu

Software Engineer
Hitachi Computer Products (America) Inc.
Software Solutions Division

e-mail: mhiramat@redhat.com