xenbus_xs.c: use-after-free

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* xenbus_xs.c: use-after-free
@ 2007-07-23  1:02 Adrian Bunk
  2007-07-23  1:11 ` [2.6.23 patch] xenbus_xs.c: fix a use-after-free Adrian Bunk
  0 siblings, 1 reply; 3+ messages in thread
From: Adrian Bunk @ 2007-07-23  1:02 UTC (permalink / raw)
  To: jeremy, chrisw; +Cc: xen-devel, linux-kernel

The Coverity checker spotted the following use-after-free
in drivers/xen/xenbus/xenbus_xs.c:

<--  snip  -->

...
static int process_msg(void)
{
...
                if (IS_ERR(msg->u.watch.vec)) {
                        kfree(msg);
                        err = PTR_ERR(msg->u.watch.vec);
...

<--  snip  -->

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [2.6.23 patch] xenbus_xs.c: fix a use-after-free
  2007-07-23  1:02 xenbus_xs.c: use-after-free Adrian Bunk
@ 2007-07-23  1:11 ` Adrian Bunk
  2007-07-23  6:47   ` Jeremy Fitzhardinge
  0 siblings, 1 reply; 3+ messages in thread
From: Adrian Bunk @ 2007-07-23  1:11 UTC (permalink / raw)
  To: jeremy, chrisw; +Cc: xen-devel, linux-kernel

This patch fixes an obvious use-after-free spotted by the Coverity checker.

Signed-off-by: Adrian Bunk <bunk@stusta.de>

---
--- linux-2.6.22-rc6-mm1/drivers/xen/xenbus/xenbus_xs.c.old	2007-07-23 03:04:20.000000000 +0200
+++ linux-2.6.22-rc6-mm1/drivers/xen/xenbus/xenbus_xs.c	2007-07-23 03:04:42.000000000 +0200
@@ -782,8 +782,8 @@ static int process_msg(void)
 		msg->u.watch.vec = split(body, msg->hdr.len,
 					 &msg->u.watch.vec_size);
 		if (IS_ERR(msg->u.watch.vec)) {
-			kfree(msg);
 			err = PTR_ERR(msg->u.watch.vec);
+			kfree(msg);
 			goto out;
 		}
 


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [2.6.23 patch] xenbus_xs.c: fix a use-after-free
  2007-07-23  1:11 ` [2.6.23 patch] xenbus_xs.c: fix a use-after-free Adrian Bunk
@ 2007-07-23  6:47   ` Jeremy Fitzhardinge
  0 siblings, 0 replies; 3+ messages in thread
From: Jeremy Fitzhardinge @ 2007-07-23  6:47 UTC (permalink / raw)
  To: Adrian Bunk; +Cc: jeremy, chrisw, xen-devel, linux-kernel

Adrian Bunk wrote:
> This patch fixes an obvious use-after-free spotted by the Coverity checker.
>
> Signed-off-by: Adrian Bunk <bunk@stusta.de>
>   

OK, thanks.

    J

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2007-07-23  6:48 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-23  1:02 xenbus_xs.c: use-after-free Adrian Bunk
2007-07-23  1:11 ` [2.6.23 patch] xenbus_xs.c: fix a use-after-free Adrian Bunk
2007-07-23  6:47   ` Jeremy Fitzhardinge

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox