提交 c4d1fcf3 编写于 作者: A Andi Kleen 提交者: Linus Torvalds

[PATCH] x86_64: Don't allow accesses below register frame in ptrace

There was a "off by one quad word" error in there.  I don't think it is
exploitable because it will only store into a unused area, but better to plug
it.

Found and fixed by John Blackwood
Signed-off-by: NAndi Kleen <ak@suse.de>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 b41e2939
......@@ -380,7 +380,7 @@ asmlinkage long sys_ptrace(long request, long pid, unsigned long addr, long data
break;
switch (addr) {
case 0 ... sizeof(struct user_regs_struct):
case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
tmp = getreg(child, addr);
break;
case offsetof(struct user, u_debugreg[0]):
......@@ -425,7 +425,7 @@ asmlinkage long sys_ptrace(long request, long pid, unsigned long addr, long data
break;
switch (addr) {
case 0 ... sizeof(struct user_regs_struct):
case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
ret = putreg(child, addr, data);
break;
/* Disallows to set a breakpoint into the vsyscall */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册