[grsec] ptrace denied returns unintialized value?
Natanael Copa
natanael.copa at gmail.com
Wed Oct 10 04:20:54 EDT 2007
Hi,
I'm looking at the grsecurity-2.1.11-2.6.22.9-200709280630.patch
I have a question about this hunk:
diff -urNp linux-2.6.22.9/arch/alpha/kernel/ptrace.c linux-2.6.22.9/arch/alpha/kernel/ptrace.c
--- linux-2.6.22.9/arch/alpha/kernel/ptrace.c 2007-08-09 17:28:15.000000000 -0400
+++ linux-2.6.22.9/arch/alpha/kernel/ptrace.c 2007-08-10 07:48:12.000000000 -0400
@@ -15,6 +15,7 @@
#include <linux/slab.h>
#include <linux/security.h>
#include <linux/signal.h>
+#include <linux/grsecurity.h>
#include <asm/uaccess.h>
#include <asm/pgtable.h>
@@ -283,6 +284,9 @@ do_sys_ptrace(long request, long pid, lo
goto out_notsk;
}
+ if (gr_handle_ptrace(child, request))
+ goto out;
+
if (request == PTRACE_ATTACH) {
ret = ptrace_attach(child);
goto out;
It looks to me that it might return an unintiliaized value of "ret". Shouldn't it be:
if (gr_handle_ptrace(child, request)) {
ret = -EPERM;
goto out;
}
Just wondering...
-nc
More information about the grsecurity
mailing list