[PATCH] de_thread memory corruption fix

From: Manfred Spraul <manfred@colorfullife.com> de_thread calls list_del(&current->tasks), but current->tasks was never added to the task list. The structure contains stale values from the parent. switch_exec_pid() transforms a normal thread to a thread group leader. Thread group leaders are included in the init_task.tasks linked list, non-leaders are not in that list. The patch adds the new thread group leader to the linked list, otherwise de_thread corrupts the task list.

[PATCH] de_thread memory corruption fix
From: Manfred Spraul <manfred@colorfullife.com> de_thread calls list_del(&current->tasks), but current->tasks was never added to the task list. The structure contains stale values from the parent. switch_exec_pid() transforms a normal thread to a thread group leader. Thread group leaders are included in the init_task.tasks linked list, non-leaders are not in that list. The patch adds the new thread group leader to the linked list, otherwise de_thread corrupts the task list.
172edfcb · Andrew Morton · Linus Torvalds · 7953a508 · 172edfcb
Commit 172edfcb authored May 12, 2003 by Andrew Morton Committed by Linus Torvalds May 12, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

kernel/pid.c kernel/pid.c +1 -0

No files found.
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -252,6 +252,7 @@ void switch_exec_pids(task_t *leader, task_t *thread)
 	attach_pid(thread, PIDTYPE_TGID, thread->tgid);
 	attach_pid(thread, PIDTYPE_PGID, thread->pgrp);
 	attach_pid(thread, PIDTYPE_SID, thread->session);
+	list_add_tail(&thread->tasks, &init_task.tasks);

 	attach_pid(leader, PIDTYPE_PID, leader->pid);
 	attach_pid(leader, PIDTYPE_TGID, leader->tgid);