On 19/01/2023 05:49, Xinghui Li wrote:
> On 2023/1/18 18:18, "Hans Verkuil" <hverkuil-cisco@xxxxxxxxx> wrote:
>
>> ...while this free is called if data->blocking is true. (see the 'if (!block) return 0;'
>> further up).
> Do you mean this code?
>
> 	/* All done if we don't need to block waiting for completion */
> 	if (!block)
> 		return 0;

Yes.

> I notice this part of the code. But I'm not sure if 'block' will be modified in other sync operations.
> So I sent this patch for the community to review.

It's not modified anywhere else.

>
>> So I have my doubts if this patch actually addresses the correct issue.
>> Do you have an actual debug trace of the UAF? Or even better, code to reproduce
>> this issue.
>
> And we found this issue by the code scanning tool developed by loydlv and filtered from 200 issues by a human.
> So it could be a non-issue. If so, I hope I didn't waste too much of your time.

I'll reject this patch since I believe this to be a false report.

For future reference: if a patch is based on code scanning tools then it's good to mention
that in the commit log. I wasn't aware that 'loydlv' is such a tool.

Regards,

	Hans