From 3fb2eb99dc74ca1f8886d611c76acde6ea5e64a0 Mon Sep 17 00:00:00 2001
From: Andi Kleen
Date: Mon, 16 May 2005 21:53:29 -0700
Subject: [PATCH]
--- yaml ---
r: 1147
b: refs/heads/master
c: d1099e8a18960693c04507bdd7b9403db70bfd97
h: refs/heads/master
i: 1145: b1fe256bc8ea9b79557e34ab5989cebc9ab09b14
1143: 3ac97ff8bd669eadc105c5630c1d73f3d0ff729b
v: v3
---
 [refs] | 2 +-
 trunk/arch/x86_64/kernel/ptrace.c | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/[refs] b/[refs]
index 86180f12cf70..cd70663aac62 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 312df5f1a1da780e084b328bcabb02a6dcd044c3
+refs/heads/master: d1099e8a18960693c04507bdd7b9403db70bfd97
diff --git a/trunk/arch/x86_64/kernel/ptrace.c b/trunk/arch/x86_64/kernel/ptrace.c
index e26e86bb56fe..892212161aa8 100644
--- a/trunk/arch/x86_64/kernel/ptrace.c
+++ b/trunk/arch/x86_64/kernel/ptrace.c
@@ -277,6 +277,11 @@ static int putreg(struct task_struct *child,
 return -EIO;
 value &= 0xffff;
 break;
+ case offsetof(struct user_regs_struct, rip):
+ /* Check if the new RIP address is canonical */
+ if (value >= TASK_SIZE)
+ return -EIO;
+ break;
 }
 put_stack_long(child, regno - sizeof(struct pt_regs), value);
 return 0;
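Review bot: The comment on the new `rip` case does not describe the check beneath it: `value >= TASK_SIZE` rejects every address at or above the user-space limit, which is a stricter condition than "is canonical", so a reader may assume only the non-canonical hole is filtered. Suggest `/* Reject a RIP at or above TASK_SIZE: stricter than a canonical-address check, and keeps the tracer from installing a non-canonical return address */`. It is also worth confirming which task `TASK_SIZE` is evaluated for here — if it resolves against the calling task rather than `child`, a tracer and tracee of different address-space sizes would be bounded by the tracer's limit, which presumably is not the intent; `[tracee-size-macro]` stands for whatever per-task form the tree provides. The enclosing `putreg` begins before this hunk and its remaining cases are not visible.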