From 9ae781dfcfc5aa83d11eebee3ecb61b81d502bf8 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Fri, 18 Dec 2009 14:27:18 +0000 Subject: [PATCH] Signal 0 is used to check the permission for current process to signal target one. Since r184058, linux_do_tkill() calls tdsignal() instead of kill(), without checking for validity of supplied signal number. Prevent panic when supplied signal is 0 by finishing work after checks. Found and tested by: scf MFC after: 3 days --- sys/compat/linux/linux_signal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/compat/linux/linux_signal.c b/sys/compat/linux/linux_signal.c index 5910d627d8d..9cc05ed99b8 100644 --- a/sys/compat/linux/linux_signal.c +++ b/sys/compat/linux/linux_signal.c @@ -565,7 +565,7 @@ linux_do_tkill(struct thread *td, l_int tgid, l_int pid, l_int signum) AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, signum); - if (error) + if (error != 0 || signum == 0) goto out; error = ESRCH;