Re: [PATCH] namei: free new_dentry late

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Nov 24, 2018 at 07:51:17PM +0000, Al Viro wrote:
> On Sat, Nov 24, 2018 at 05:23:24PM +0800, Pan Bian wrote:
> > After calling dput(new_dentry), new_dentry is passed to fsnotify_move.
> > This may result in a use-after-free bug. This patch moves the put
> > operation late.
> >
> > Fixes: 49d31c2f389a("dentry name snapshots")
> 
> What does that commit have to do with anything?  The broken part is
>                         fsnotify_move(new_dir, old_dir, old_dentry->d_name.name,
>                                       new_is_dir, NULL, new_dentry);
> and it predates that commit by 3 years - it came from da1ce0670c14 ("vfs: add
> cross-rename")...

Thank you for pointing out my mistake! I will correct it and resubmit
the patch!

Best regards,
Pan
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux