From 991bd3ba708b467a6b1de0788e0e1e558a087b0d Mon Sep 17 00:00:00 2001
From: Josh Stone
Date: Wed, 21 Oct 2009 19:27:17 -0700
Subject: Correct the safety-net escape WRT locking Within a probe body, the "out" label starts the normal exit path, including unlocking whatever globals are used in that probe. Since the unprivileged safety-net checks are before the locks are ever grabbed, we should bypass the unlock on the way out. * elaborate.cxx (derived_probe::emit_process_owner_assertion): Use "return" instead of "goto out".
---
 elaborate.cxx | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'elaborate.cxx')
diff --git a/elaborate.cxx b/elaborate.cxx
index c3f29603..626db280 100644
--- a/elaborate.cxx
+++ b/elaborate.cxx
@@ -157,7 +157,9 @@ derived_probe::emit_process_owner_assertion (translator_output* o)
 o->newline() << " \"Internal Error: Process %d does not belong to user %d in probe %s in --unprivileged mode\",";
 o->newline() << " current->tgid, _stp_uid, c->probe_point);";
 o->newline() << "c->last_error = c->error_buffer;";
- o->newline() << "goto out;";
+ // NB: since this check occurs before probe locking, its exit should
+ // not be a "goto out", which would attempt unlocking.
+ o->newline() << "return;";
 o->newline(-1) << "}";
 o->newline(-1) << "#endif";
 }
-- cgit
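Review bot: The emitted `return;` skips everything behind the generated `out` label, not only the unlock, so it is worth confirming that nothing else on that path is needed when the `--unprivileged` ownership check fails. In particular, the hunk sets `c->last_error` just before returning but does not show who reports it; if that reporting lives behind `out`, the error is silently dropped. The early return is also only correct while this assertion is emitted before the probe's locks are taken, and that ordering is decided outside this hunk. The new comment could state that dependency explicitly, for example `// NB: must stay ahead of lock acquisition in the generated probe; if it ever moves after locking, this has to go back through the unlock path.` The body of emit_process_owner_assertion starts outside the hunk, so the surrounding `#ifdef` condition is not visible here.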