The pointer meta return from addr_to_metadata could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference. Fixes: 0ce20dd8 ("mm: add Kernel Electric-Fence infrastructure") Signed-off-by: Chengfeng Ye <cyeaa@xxxxxxxxxxxxxx> --- mm/kfence/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/kfence/core.c b/mm/kfence/core.c index 7a97db8bc8e7..7d2ec787e921 100644 --- a/mm/kfence/core.c +++ b/mm/kfence/core.c @@ -811,7 +811,7 @@ void __kfence_free(void *addr) * objects once it has been freed. meta->cache may be NULL if the cache * was destroyed. */ - if (unlikely(meta->cache && (meta->cache->flags & SLAB_TYPESAFE_BY_RCU))) + if (unlikely(meta && meta->cache && (meta->cache->flags & SLAB_TYPESAFE_BY_RCU))) call_rcu(&meta->rcu_head, rcu_guarded_free); else kfence_guarded_free(addr, meta, false); -- 2.17.1
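Review bot: In the __kfence_free hunk, the new `meta &&` test only guards the condition. When meta is NULL, control falls through to the else branch, which still calls `kfence_guarded_free(addr, meta, false)` with the NULL pointer. Unless that function tolerates a NULL meta, which these lines do not show, the dereference is moved into the callee rather than removed. Handling the NULL case before the if (for example an early return, possibly with a warning) would cover both branches. The comment above the condition still documents only that meta->cache may be NULL and should be extended if a NULL meta is a supported case here. The commit message would also be stronger if it stated under which conditions addr_to_metadata can return NULL for an address that reaches __kfence_free.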