Skip to content

Commit

Permalink
bpf: Fix NULL dereference in bpf_task_storage
Browse files Browse the repository at this point in the history 
In bpf_pid_task_storage_update_elem(), it missed to
test the !task_storage_ptr(task) which then could trigger a NULL
pointer exception in bpf_local_storage_update().

Fixes: 4cf1bc1 ("bpf: Implement task local storage")
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Tested-by: Roman Gushchin <guro@fb.com>
Acked-by: KP Singh <kpsingh@google.com>
Link: https://lore.kernel.org/bpf/20201112001919.2028357-1-kafai@fb.com
  • Loading branch information
Martin KaFai Lau authored and Alexei Starovoitov committed Nov 12, 2020
1 parent 8378788 commit 09a3dac
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion kernel/bpf/bpf_task_storage.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ static int bpf_pid_task_storage_update_elem(struct bpf_map *map, void *key,
*/
WARN_ON_ONCE(!rcu_read_lock_held());
task = pid_task(pid, PIDTYPE_PID);
if (!task) {
if (!task || !task_storage_ptr(task)) {
err = -ENOENT;
goto out;
}
Expand Down

0 comments on commit 09a3dac

Please sign in to comment.