Re: [PATCH] drivers/block/null_blk/main: Fix a double free in null_init.

On 4/26/21 8:32 AM, Lv Yunlong wrote:
> In null_init, null_add_dev(dev) is called.
> In null_add_dev, it calls null_free_zoned_dev(dev) to free dev->zones
> via kvfree(dev->zones) in out_cleanup_zone branch and returns err.
> Then null_init accepts the err code and then calls null_free_dev(dev).
> 
> But in null_free_dev(dev), dev->zones is freed again by
> null_free_zoned_dev().
> 
> My patch sets dev->zones to NULL in null_free_zoned_dev() after
> kvfree(dev->zones) is called, to avoid the double free.

Applied, thanks.

-- 
Jens Axboe
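
The call sequence from the quoted commit message, as an added userspace model that is not part of the original e-mail or the kernel source. The function names mirror those in the message; `model_alloc`, `model_kvfree`, the `fixed` parameter, `null_init_model` and the -1 error code are assumptions made for illustration.

```c
#include <stdio.h>
struct nullb_device { void *zones; };   /* reduced to the one field involved */

static char pool[64];      /* stand-in for the zone array allocation */
static int pool_live;      /* 1 while the allocation is outstanding */
static int double_frees;   /* frees of an allocation that was already freed */
static void *model_alloc(void) { pool_live = 1; return pool; }

/* Hypothetical stand-in for kvfree(): NULL is a no-op, repeats are counted. */
static void model_kvfree(void *p)
{
    if (!p)
        return;
    if (!pool_live)
        double_frees++;    /* in the kernel this would be a real double free */
    pool_live = 0;
}

static void null_free_zoned_dev(struct nullb_device *dev, int fixed)
{
    model_kvfree(dev->zones);
    if (fixed)
        dev->zones = NULL; /* the fix: a later call sees NULL and does nothing */
}

static int null_add_dev(struct nullb_device *dev, int fixed)
{
    dev->zones = model_alloc();
    null_free_zoned_dev(dev, fixed);  /* out_cleanup_zone branch */
    return -1;                        /* constructed error code */
}

static void null_free_dev(struct nullb_device *dev, int fixed)
{
    null_free_zoned_dev(dev, fixed);  /* second call on the same dev */
}

/* Models the null_init error path; returns the number of double frees. */
static int null_init_model(int fixed)
{
    struct nullb_device dev = { NULL };
    double_frees = 0;
    if (null_add_dev(&dev, fixed))
        null_free_dev(&dev, fixed);
    return double_frees;
}

int main(void)
{
    printf("unfixed: %d, fixed: %d\n", null_init_model(0), null_init_model(1));
    return 0;
}
```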