| To: | Li Zhong <zhong@xxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] xfsprogs: fix potential memory free issues in quota_group_type() |
| From: | Mark Tinguely <tinguely@xxxxxxx> |
| Date: | Tue, 24 Sep 2013 13:33:16 -0500 |
| Cc: | xfsprogs <xfs@xxxxxxxxxxx>, Chandra Seetharaman <sekharan@xxxxxxxxxx> |
| Delivered-to: | xfs@xxxxxxxxxxx |
| In-reply-to: | <1379832353.4089.10.camel@ThinkPad-T5421> |
| References: | <1379832353.4089.10.camel@ThinkPad-T5421> |
| User-agent: | Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120122 Thunderbird/9.0 |
On 09/22/13 01:45, Li Zhong wrote: This patch tries to fix CID 997009 reported by Coverity scan, as suggested by sekharan If getgroups() fails, gids might be malloced, and overwritten with &gid. So the free() at the end of the function is trying to free a variable on the stack, while the pointer to the allocated memory is lost. Signed-off-by: Li Zhong<zhong@xxxxxxxxxxxxxxxxxx> --- Looks good to me.And it seems that dofree would always be true in the following else statement. Reviewed-by: Mark Tinguely <tinguely@xxxxxxx> |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH 0/5] xfs: fixes for 3.12-rc3, Ben Myers |
|---|---|
| Next by Date: | Re: [PATCH] xfsprogs: fix potential memory leak in verify_set_primary_sb(), Mark Tinguely |
| Previous by Thread: | [PATCH] xfsprogs: fix potential memory free issues in quota_group_type(), Li Zhong |
| Next by Thread: | [PATCH] xfs: fix the wrong new_size/rnew_size at xfs_iext_realloc_direct(), Jeff Liu |
| Indexes: | [Date] [Thread] [Top] [All Lists] |