aoe: fix use after free in aoedev_by_aoeaddr() · 31279b1457 - Gogs

aoe: fix use after free in aoedev_by_aoeaddr()

We should return NULL on failure instead of returning a freed pointer.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Ed Cashin <ecashin@coraid.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Dan Carpenter 12 years ago

parent

2b37c7d865

commit

31279b1457

1 changed files with 1 additions and 0 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 0
						
drivers/block/aoe/aoedev.c
							 
								View File
							
				@@ -461,6 +461,7 @@ aoedev_by_aoeaddr(ulong maj, int min, int do_alloc)
			
				 	d->targets = kcalloc(NTARGETS, sizeof(*d->targets), GFP_ATOMIC);
			
				 	if (!d->targets) {
			
				 		kfree(d);
			
				+		d = NULL;
			
				 		goto out;
			
				 	}
			
				 	d->ntargets = NTARGETS;