Re: [PATCH 1/1] io_uring: fix bad free in io_sqe_files_register

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 4/20/19 7:42 PM, Dan Robertson wrote:
> Given bad input to the io_uring_register syscall the io_ring_ctx
> user_files member is cleaned up in io_sqe_files_register, but a
> following call to io_uring_release will result in a double-free.

This was already fixed for -rc5 last week, in this commit:

commit 25adf50fe25d506d3fc12070a5ff4be858a1ac1b
Author: Jens Axboe <axboe@xxxxxxxxx>
Date:   Wed Apr 3 09:52:40 2019 -0600

    io_uring: fix double free in case of fileset regitration failure

-- 
Jens Axboe
[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux