| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Dec 2012 16:19:53 +0100 From: Jan Kara <jack@...e.cz> To: Chen Gang <gang.chen@...anux.com> Cc: Theodore Ts'o <tytso@....edu>, jack@...e.cz, akpm@...ux-foundation.org, linux-ext4@...r.kernel.org Subject: Re: [PATCH] fs/ext3: set pointer = NULL, after kfree it On Wed 26-12-12 10:33:12, Chen Gang wrote: > 于 2012年12月26日 02:51, Theodore Ts'o 写道: > > On Mon, Dec 24, 2012 at 01:58:14PM +0800, Chen Gang wrote: > >> > >> set s->base = NULL, after kfree it. > >> > >> Signed-off-by: Chen Gang <gang.chen@...anux.com> > > > > Was this to fix something flagged by some static code checker? The > > only caller of ext3_xattr_block_set() is ext3_xattr_set_handle(), and > > s->base is stored on the stack, and as soon as ext3_xattr_block_set() > > returns, the object will disappear. So it seems pretty hard to see > > how this could lead to a use-after-free bug. > > > > - Ted > > > > > > this patch is not for a bug > > it is only for coding habit: > it is better to set is to NULL, after kfree it. > in the future, if another functions need call ext3_xattr_block_set, too. > it will avoid another members to make mistake. Well, we set pointers to NULL after kfree() only if there's a good chance we ever look at the pointer again. This is not the case so I don't think this change makes the code any more safer / easier to read. Honza -- Jan Kara <jack@...e.cz> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists