[PATCH] scsi: aacraid: Fix memory leak in open_getadapter_fib function

>>> Just above the copy_to_user() call there is the following statement:
>>>
>>> 	list_add_tail(&fibctx->next, &dev->fib_list);
>>>
>>> Does that mean that the above kfree() will cause list corruption?
>> 
>> Yes, you are correct. I overlooked that fibctx is part of a list, and freeing the
>> memory without removing the list entry would corrupt the list.
>> The list entry should be deleted before freeing the memory if copy_to_user() fails.
>
> Are you sure that this is what the code should do?

Yes, removing the list entry before freeing the memory is necessary to maintain list 
integrity and prevent corruption. If there are any other methods, additional checks, 
or potential issues with this approach that I should consider, please let me know, 
and I'll make the necessary adjustments promptly.

Regards,
Riyan Dhiman
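
Added example, not part of the thread or of the aacraid driver: a user-space C model of the list handling discussed above, in which a node is unlinked before it is freed when the copy-out fails, and a walk checks the list links afterwards. `fib_ctx`, `open_ctx`, `list_check` and the `copy_fails` flag (standing in for a failing copy_to_user()) are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdlib.h>
/* Minimal user-space copy of the kernel's circular doubly linked list. */
struct list_head { struct list_head *next, *prev; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{
    n->prev = h->prev; n->next = h;
    h->prev->next = n; h->prev = n;
}
static void list_del(struct list_head *n)
{
    n->prev->next = n->next; n->next->prev = n->prev;
}

/* Hypothetical stand-in for the driver's per-open context. */
struct fib_ctx { struct list_head next; };

/* Walk the list; return the entry count, or -1 if any link is inconsistent. */
static int list_check(const struct list_head *h)
{
    int n = 0;
    for (const struct list_head *p = h->next; p != h; p = p->next, n++)
        if (p->next->prev != p || p->prev->next != p)
            return -1;
    return h->next->prev == h ? n : -1;
}

/* Model of the error path: copy_fails stands in for copy_to_user() != 0. */
static int open_ctx(struct list_head *fib_list, int copy_fails)
{
    struct fib_ctx *ctx = malloc(sizeof(*ctx));
    if (!ctx) return -ENOMEM;
    list_add_tail(&ctx->next, fib_list);
    if (copy_fails) {
        /* fib_list->prev == &ctx->next here; freeing now would leave it dangling. */
        list_del(&ctx->next);   /* unlink first ... */
        free(ctx);              /* ... then release the memory */
        return -EFAULT;
    }
    return 0;                   /* ctx stays on the list for a later close */
}

int main(void)
{
    struct list_head fib_list;
    list_init(&fib_list);
    return (open_ctx(&fib_list, 1) == -EFAULT && list_check(&fib_list) == 0) ? 0 : 1;
}
```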
