summaryrefslogtreecommitdiff
path: root/fs/exec.c
diff options
context:
space:
mode:
authorNeil Horman <nhorman@tuxdriver.com>2007-10-17 10:26:36 +0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-17 19:42:50 +0400
commit323211371073ce4a99b6efc69379589d6a640d35 (patch)
treed69c0b023cfa1afdc64e4de8bc27ec03195b8088 /fs/exec.c
parent74aadce986052f20088c2678f589ea0e8d3a4b59 (diff)
downloadlinux-323211371073ce4a99b6efc69379589d6a640d35.tar.xz
core_pattern: fix up a few miscellaneous bugs
Fix do_coredump to detect a crash in the user mode helper process and abort the attempt to recursively dump core to another copy of the helper process, potentially ad-infinitum. [akpm@linux-foundation.org: cleanups] Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Cc: <martin.pitt@ubuntu.com> Cc: <wwoods@redhat.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/exec.c')
-rw-r--r--fs/exec.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 6450157062ea..cbd183daaad4 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1762,14 +1762,27 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs)
goto fail_unlock;
if (ispipe) {
- core_limit = RLIM_INFINITY;
helper_argv = argv_split(GFP_KERNEL, corename+1, &helper_argc);
/* Terminate the string before the first option */
delimit = strchr(corename, ' ');
if (delimit)
*delimit = '\0';
+ delimit = strrchr(helper_argv[0], '/');
+ if (delimit)
+ delimit++;
+ else
+ delimit = helper_argv[0];
+ if (!strcmp(delimit, current->comm)) {
+ printk(KERN_NOTICE "Recursive core dump detected, "
+ "aborting\n");
+ goto fail_unlock;
+ }
+
+ core_limit = RLIM_INFINITY;
+
/* SIGPIPE can happen, but it's just never processed */
- if(call_usermodehelper_pipe(corename+1, helper_argv, NULL, &file)) {
+ if (call_usermodehelper_pipe(corename+1, helper_argv, NULL,
+ &file)) {
printk(KERN_INFO "Core dump to %s pipe failed\n",
corename);
goto fail_unlock;