dtrace: ensure return value of access_process_vm() is > 0
If access_process_vm() returns a value <= 0, the loop intended to replace
NULs with whitespace in the ps string could turn into a memory sprayer
by incrementing its loop counter all the way to (uintptr_t)-1. This
often shows up as crashes with PTEs showing 0x20 stuffed inside, e.g.:
[ 630.136149] PGD
66f7f067 PUD
802a5067 PMD
18fff0067 PTE
2020200208ad2025
[ 630.136194] Bad pagetable: 000d [#1] SMP
[ 1698.220469] PGD
5cebd067 PUD
5ced6067 PMD
17fe6d067 PTE
8020202032652867
[ 1698.220511] Bad pagetable: 000d [#1] SMP
[ 438.486319] PGD
136cee067 PUD
136d9b067 PMD
13ba2067 PTE
802020012c8bf867
[ 438.486364] Bad pagetable: 000d [#1] SMP
though it can cause other crashes. To fix, bracket the loop logic in
a test of access_process_vm()'s return value.
Orabug:
22295336
Signed-off-by: Todd Vierling <todd.vierling@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
projects / users / jedix / linux-maple.git / commit