d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFC r276904:

Browse Source 
Improve style and fix a possible use-after-free case introduced in r268384
by reinitializing the 'freestate' pointer after freeing the memory.

Obtained from:	HardenedBSD (71fab80c5dd3034b71a29a61064625018671bbeb)
PR:		194525
Submitted by:	Oliver Pinter <oliver.pinter@hardenedbsd.org>
This commit is contained in:
delphij 2015-01-24 00:27:50 +00:00
parent ae11365e35
commit f72184af7f
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sys/kern/kern_lockf.c
View File

@ -740,12 +740,13 @@ retry_setlock:
VI_UNLOCK(vp); VI_UNLOCK(vp);
if (freestate) { if (freestate != NULL) {
sx_xlock(&lf_lock_states_lock); sx_xlock(&lf_lock_states_lock);
LIST_REMOVE(freestate, ls_link); LIST_REMOVE(freestate, ls_link);
sx_xunlock(&lf_lock_states_lock); sx_xunlock(&lf_lock_states_lock);
sx_destroy(&freestate->ls_lock); sx_destroy(&freestate->ls_lock);
free(freestate, M_LOCKF); free(freestate, M_LOCKF);
freestate = NULL;
} }
if (error == EDOOFUS) { if (error == EDOOFUS) {