Re: Potential DOS in load_elf_library?

From: Andrew Morton
Date: Fri Mar 18 2005 - 03:44:04 EST

Next message: Ingo Molnar: "Re: Real-Time Preemption and RCU"
Previous message: Kurt Garloff: "Re: 2.6.11 vs 2.6.10 slowdown on i686"
In reply to: Yichen Xie: "Potential DOS in load_elf_library?"
Next in thread: Herbert Xu: "Re: Potential DOS in load_elf_library?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yichen Xie <yxie@xxxxxxxxxxxxxxx> wrote:
>
> Hi guys, I was looking at the load_elf_library function (fs/binfmt_elf.c)
> in 2.6.10, and noticed the following:
>
> elf_phdata = (struct elf_phdr *) kmalloc(j, GFP_KERNEL);
> ...
> while (elf_phdata->p_type != PT_LOAD) elf_phdata++;
> ...
> kfree(elf_phdata);
>
> Could this be problematic since the pointer being freed might be different
> from that returned from kmalloc?

Current kernels seem to be OK.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: Real-Time Preemption and RCU"
Previous message: Kurt Garloff: "Re: 2.6.11 vs 2.6.10 slowdown on i686"
In reply to: Yichen Xie: "Potential DOS in load_elf_library?"
Next in thread: Herbert Xu: "Re: Potential DOS in load_elf_library?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]