| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 Apr 2021 18:53:32 -0500
From: Aditya Pakki <pakki001@....edu>
To: pakki001@....edu
Cc: Vivek Goyal <vgoyal@...hat.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
Miklos Szeredi <miklos@...redi.hu>,
virtualization@...ts.linux-foundation.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] fuse: Avoid potential use after free
In virtio_fs_get_tree, after fm is freed, it is again freed in case
s_root is NULL and virtio_fs_fill_super() returns an error. To avoid
a double free, set fm to NULL.
Signed-off-by: Aditya Pakki <pakki001@....edu>
---
fs/fuse/virtio_fs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c
index 4ee6f734ba83..a7484c1539bf 100644
--- a/fs/fuse/virtio_fs.c
+++ b/fs/fuse/virtio_fs.c
@@ -1447,6 +1447,7 @@ static int virtio_fs_get_tree(struct fs_context *fsc)
if (fsc->s_fs_info) {
fuse_conn_put(fc);
kfree(fm);
+ fm = NULL;
}
if (IS_ERR(sb))
return PTR_ERR(sb);
--
2.25.1
Powered by blists - more mailing lists