Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2c841eee authored by Manoj Prabhu B's avatar Manoj Prabhu B
Browse files

diag: dci: Validate dci client entries prior to access 



The patch validates the dci entries and its task
structure before accessing structure members avoiding possible
kernel bug.

CRs-Fixed: 2035140
Change-Id: I7b0813defef1cb60400184acc631047cf72af94e
Signed-off-by: default avatarManoj Prabhu B <bmanoj@codeaurora.org>
parent b47931f3

drivers/char/diag/diag_dci.c

+19 −2
Original line number Diff line number Diff line
@@ -2208,9 +2208,26 @@ struct diag_dci_client_tbl *dci_lookup_client_entry_pid(int tgid) 
{

	struct list_head *start, *temp;

	struct diag_dci_client_tbl *entry = NULL;

	struct pid *pid_struct = NULL;

	struct task_struct *task_s = NULL;



	list_for_each_safe(start, temp, &driver->dci_client_list) {

		entry = list_entry(start, struct diag_dci_client_tbl, track);

		pid_struct = find_get_pid(entry->tgid);

		if (!pid_struct) {

			DIAG_LOG(DIAG_DEBUG_DCI,

				"diag: valid pid doesn't exist for pid = %d\n",

				entry->tgid);

			continue;

		}

		task_s = get_pid_task(pid_struct, PIDTYPE_PID);

		if (!task_s) {

			DIAG_LOG(DIAG_DEBUG_DCI,

				"diag: valid task doesn't exist for pid = %d\n",

				entry->tgid);

			continue;

		}

		if (task_s == entry->client)

			if (entry->client->tgid == tgid)

				return entry;

	}