Merge "diag: dci: Validate dci client entries prior to access"

author: Linux Build Service Account <lnxbuild@quicinc.com> 2017-06-01 01:52:56 -0700
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2017-06-01 01:52:56 -0700
commit: 9fbc608307bc1c8f7efedc2d9b5e9997ae994c76 (patch)
tree: 2b9213f8f2cec24c6faf53f86d8f0563ed244831
parent: 4bb39679c00a57a74d8d366202c5adf4d62c4b5a (diff)
parent: 29aedc529b9c35edff41ae484be50a1f53b813c0 (diff)
1 files changed, 18 insertions, 1 deletions
diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c
index 4a83fc5cc68a..fb45af9c49d3 100644
--- a/drivers/char/diag/diag_dci.c
+++ b/drivers/char/diag/diag_dci.c
@@ -2244,9 +2244,26 @@ struct diag_dci_client_tbl *dci_lookup_client_entry_pid(int tgid)
 {
 	struct list_head *start, *temp;
 	struct diag_dci_client_tbl *entry = NULL;
+	struct pid *pid_struct = NULL;
+	struct task_struct *task_s = NULL;
+
 	list_for_each_safe(start, temp, &driver->dci_client_list) {
 		entry = list_entry(start, struct diag_dci_client_tbl, track);
-		if (entry->client && entry->tgid == entry->client->tgid)
+		pid_struct = find_get_pid(entry->tgid);
+		if (!pid_struct) {
+			DIAG_LOG(DIAG_DEBUG_DCI,
+				"diag: valid pid doesn't exist for pid = %d\n",
+				entry->tgid);
+			continue;
+		}
+		task_s = get_pid_task(pid_struct, PIDTYPE_PID);
+		if (!task_s) {
+			DIAG_LOG(DIAG_DEBUG_DCI,
+				"diag: valid task doesn't exist for pid = %d\n",
+				entry->tgid);
+			continue;
+		}
+		if (task_s == entry->client)
 			if (entry->client->tgid == tgid)
 				return entry;
 	}
author	Linux Build Service Account <lnxbuild@quicinc.com>	2017-06-01 01:52:56 -0700
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2017-06-01 01:52:56 -0700
commit	9fbc608307bc1c8f7efedc2d9b5e9997ae994c76 (patch)
tree	2b9213f8f2cec24c6faf53f86d8f0563ed244831
parent	4bb39679c00a57a74d8d366202c5adf4d62c4b5a (diff)
parent	29aedc529b9c35edff41ae484be50a1f53b813c0 (diff)