From: Thomas Gleixner <tglx@linutronix.de>
Date: Sat, 23 Jun 2007 09:48:40 +0000 (+0200)
Subject: FUTEX: Restore the dropped ERSCH fix
X-Git-Tag: v2.6.21.7~11
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=8e9a9197b255bbbed3e674a5d1e6b6516c1f027b;p=karo-tx-linux.git

FUTEX: Restore the dropped ERSCH fix

The return value of futex_find_get_task() needs to be -ESRCH in case
that the search fails. This was part of the original futex fixes and
got accidentally dropped, when the futex-tidy-up patch was split out.

Results in a NULL pointer dereference in case the search fails.

Restore it.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Ulrich Drepper <drepper@redhat.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---

diff --git a/kernel/futex.c b/kernel/futex.c
index c132532b2eed..480943687456 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -390,14 +390,12 @@ static struct task_struct * futex_find_get_task(pid_t pid)
 
 	rcu_read_lock();
 	p = find_task_by_pid(pid);
-	if (!p)
-		goto out_unlock;
-	if ((current->euid != p->euid) && (current->euid != p->uid)) {
-		p = NULL;
-		goto out_unlock;
-	}
-	get_task_struct(p);
-out_unlock:
+
+	if (!p || ((current->euid != p->euid) && (current->euid != p->uid)))
+		p = ERR_PTR(-ESRCH);
+	else
+		get_task_struct(p);
+
 	rcu_read_unlock();
 
 	return p;