| To: | "David S. Miller" <davem@xxxxxxxxxx>, Jeroen Vreeken <pe1rxq@xxxxxxxxx> |
|---|---|
| Subject: | [PATCH] (11/11) netrom - fix use after free in close |
| From: | Stephen Hemminger <shemminger@xxxxxxxx> |
| Date: | Wed, 13 Aug 2003 15:48:52 -0700 |
| Cc: | linux-hams@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| Organization: | Open Source Development Lab |
| Sender: | netdev-bounce@xxxxxxxxxxx |
netrom would oops if one did:
modprobe netrom
ifconfig -a
because the code in destroy was freeing the socket then release_sock was
called.
diff -Nru a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
--- a/net/netrom/af_netrom.c Wed Aug 13 15:33:26 2003
+++ b/net/netrom/af_netrom.c Wed Aug 13 15:33:26 2003
@@ -516,6 +516,7 @@
if (sk == NULL) return 0;
+ sock_hold(sk);
lock_sock(sk);
nr = nr_sk(sk);
@@ -551,6 +552,7 @@
sock->sk = NULL;
release_sock(sk);
+ sock_put(sk);
return 0;
}
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [PATCH] (9/11) netrom - convert to alloc_netdev, Stephen Hemminger |
|---|---|
| Next by Date: | [PATCH] (5/11) netrom - lock sockets during usage, Stephen Hemminger |
| Previous by Thread: | [PATCH] (9/11) netrom - convert to alloc_netdev, Stephen Hemminger |
| Next by Thread: | [PATCH] (5/11) netrom - lock sockets during usage, Stephen Hemminger |
| Indexes: | [Date] [Thread] [Top] [All Lists] |