Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
phyus
/
linux-vybrid_public
8
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Pārlūkot izejas kodu

[CIFS] possible memory corruption on mount

CIFS cleanup_volume_info_contents() looks like having a memory
corruption problem.
When UNCip is set to "&vol->UNC[2]" in cifs_parse_mount_options(), it
should not be kfree()-ed in cleanup_volume_info_contents().

Introduced in commit b946845a9dc523c759cae2b6a0f6827486c3221a

Signed-off-by: J.R. Okajima <hooanon05@yahoo.co.jp>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
CC: Stable <stable@kernel.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Steve French 14 gadi atpakaļ
vecāks
fa71f44706
revīzija
13589c437d
1 mainītis faili ar 2 papildinājumiem un 1 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 2 1
      fs/cifs/connect.c

+ 2 - 1
fs/cifs/connect.c
Parādīt failu 

@@ -2878,7 +2878,8 @@ cleanup_volume_info_contents(struct smb_vol *volume_info)
 
 	kfree(volume_info->username);
 
 	kzfree(volume_info->password);
 
 	kfree(volume_info->UNC);
 
-	kfree(volume_info->UNCip);
 
+	if (volume_info->UNCip != volume_info->UNC + 2)
 
+		kfree(volume_info->UNCip);
 
 	kfree(volume_info->domainname);
 
 	kfree(volume_info->iocharset);
 
 	kfree(volume_info->prepath);