Re: [CHECKER] 2.4.5-ac4 use of freed pointers

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Fri Jun 01 2001 - 03:48:51 EDT

Next message: Geert Uytterhoeven: "Re: [CHECKER] 2.4.5-ac4 non-init functions calling init functions"

Previous message: Jeff Garzik: "Re: [PATCH] support for Cobalt Networks (x86 only) systems (for real this time)"
In reply to: Dawson Engler: "[CHECKER] 2.4.5-ac4 use of freed pointers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> if (!rose_route_frame(skbn, NULL)) {
> Start --->
> kfree_skb(skbn);
> stats->tx_errors++;

Missing return - fixed

> [BUG] frees then uses the next pointer.
> /u2/engler/mc/oses/linux/2.4.5-ac4/drivers/net/wan/lapbether.c:101:lapbeth_check_devices: ERROR:FREE:113:101: Use-after-free of 'lapbeth'! set by 'kfree':113
> save_flags(flags);

Fixed

> [BUG] frees then uses the next pointer.
> /u2/engler/mc/oses/linux/2.4.5-ac4/drivers/net/hamradio/bpqether.c:178:bpq_check_devices: ERROR:FREE:193:178: Use-after-free of 'bpq'! set by 'kfree':193
> save_flags(flags);
>

Fixed
cli();

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Geert Uytterhoeven: "Re: [CHECKER] 2.4.5-ac4 non-init functions calling init functions"
Previous message: Jeff Garzik: "Re: [PATCH] support for Cobalt Networks (x86 only) systems (for real this time)"
In reply to: Dawson Engler: "[CHECKER] 2.4.5-ac4 use of freed pointers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jun 01 2001 - 03:58:43 EDT