The linux times syscall can be called with a NULL pointer, so keep cool

and don't panic.

This fix is different from the patch submitted as it not only prevents
a NULL-pointer dereference, but also skips some work in this case.

Noticed by:	Dmitry Ganenko <dima@apk-inform.com>
Reviewed by:	rdivacky (the original version as in emulation@)
MFC after:	1 week
Security:	This is a RELENG_x_y candidate (local DoS).
Go ahead by:	secteam (cperciva)

1 files changed, 13 insertions, 11 deletions

diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c
index 8cd0294..46cff73 100644
--- a/sys/compat/linux/linux_misc.c
+++ b/sys/compat/linux/linux_misc.c
@@ -661,20 +661,22 @@ linux_times(struct thread *td, struct linux_times_args *args)
 		printf(ARGS(times, "*"));
 #endif
 
-	p = td->td_proc;
-	PROC_LOCK(p);
-	calcru(p, &utime, &stime);
-	calccru(p, &cutime, &cstime);
-	PROC_UNLOCK(p);
+	if (args->buf != NULL) {
+		p = td->td_proc;
+		PROC_LOCK(p);
+		calcru(p, &utime, &stime);
+		calccru(p, &cutime, &cstime);
+		PROC_UNLOCK(p);
 
-	tms.tms_utime = CONVTCK(utime);
-	tms.tms_stime = CONVTCK(stime);
+		tms.tms_utime = CONVTCK(utime);
+		tms.tms_stime = CONVTCK(stime);
 
-	tms.tms_cutime = CONVTCK(cutime);
-	tms.tms_cstime = CONVTCK(cstime);
+		tms.tms_cutime = CONVTCK(cutime);
+		tms.tms_cstime = CONVTCK(cstime);
 
-	if ((error = copyout(&tms, args->buf, sizeof(tms))))
-		return error;
+		if ((error = copyout(&tms, args->buf, sizeof(tms))))
+			return error;
+	}
 
 	microuptime(&tv);
 	td->td_retval[0] = (int)CONVTCK(tv);