ipc, shm: guard against non-existant vma in shmdt(2)

When !CONFIG_MMU there's a chance we can derefence a NULL pointer when the VM area isn't found - check the return value of find_vma(). Also, remove the redundant -EINVAL return: retval is set to the proper return code and *only* changed to 0, when we actually unmap the segments. Signed-off-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Sedat Dilek <sedat.dilek@gmail.com> Cc: Rik van Riel <riel@redhat.com> Cc: Manfred Spraul <manfred@colorfullife.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Davidlohr Bueso <davidlohr.bueso@hp.com> 2013-09-11 14:26:28 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> 2013-09-11 15:59:44 -0700
commit: 530fcd16d87cd2417c472a581ba5a1e501556c86 (patch)
tree: c741f07d57e5b6fdf5920c6ba87e59b779073aaf /ipc
parent: 05603c44a7627793219b0bd9a7b236099dc9cd9d (diff)
download: linux-530fcd16d87cd2417c472a581ba5a1e501556c86.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/ipc/shm.c b/ipc/shm.c
index cb2cedaa8808..a0ed957cefc9 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -1288,8 +1288,7 @@ SYSCALL_DEFINE1(shmdt, char __user *, shmaddr)
 #else /* CONFIG_MMU */
 	/* under NOMMU conditions, the exact address to be destroyed must be
 	 * given */
-	retval = -EINVAL;
-	if (vma->vm_start == addr && vma->vm_ops == &shm_vm_ops) {
+	if (vma && vma->vm_start == addr && vma->vm_ops == &shm_vm_ops) {
 		do_munmap(mm, vma->vm_start, vma->vm_end - vma->vm_start);
 		retval = 0;
 	}
author	Davidlohr Bueso <davidlohr.bueso@hp.com>	2013-09-11 14:26:28 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	2013-09-11 15:59:44 -0700
commit	530fcd16d87cd2417c472a581ba5a1e501556c86 (patch)
tree	c741f07d57e5b6fdf5920c6ba87e59b779073aaf /ipc
parent	05603c44a7627793219b0bd9a7b236099dc9cd9d (diff)
download	linux-530fcd16d87cd2417c472a581ba5a1e501556c86.tar.gz