[PATCH v2 2/3] coredump: fix error handling for replace_fd()
From: Christian Brauner
Date: Mon Apr 14 2025 - 10:27:53 EST
The replace_fd() helper returns the file descriptor number on success
and a negative error code on failure. The current error handling in
umh_pipe_setup() only works because the file descriptor that is replaced
is zero but that's pretty volatile. Explicitly check for a negative
error code.
Tested-by: Luca Boccassi <luca.boccassi@xxxxxxxxx>
Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
---
fs/coredump.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index c33c177a701b..9da592aa8f16 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -507,7 +507,9 @@ static int umh_pipe_setup(struct subprocess_info *info, struct cred *new)
{
struct file *files[2];
struct coredump_params *cp = (struct coredump_params *)info->data;
- int err = create_pipe_files(files, 0);
+ int err;
+
+ err = create_pipe_files(files, 0);
if (err)
return err;
@@ -515,10 +517,13 @@ static int umh_pipe_setup(struct subprocess_info *info, struct cred *new)
err = replace_fd(0, files[0], 0);
fput(files[0]);
+ if (err < 0)
+ return err;
+
/* and disallow core files too */
current->signal->rlim[RLIMIT_CORE] = (struct rlimit){1, 1};
- return err;
+ return 0;
}
void do_coredump(const kernel_siginfo_t *siginfo)
--
2.47.2