On Mon, Dec 24, 2012 at 01:58:14PM +0800, Chen Gang wrote:
>
> set s->base = NULL, after kfree it.
>
> Signed-off-by: Chen Gang <gang.chen@xxxxxxxxxxx>
Was this to fix something flagged by some static code checker? The
only caller of ext3_xattr_block_set() is ext3_xattr_set_handle(), and
s->base is stored on the stack, and as soon as ext3_xattr_block_set()
returns, the object will disappear. So it seems pretty hard to see
how this could lead to a use-after-free bug.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
