Re: Potential free/use-after-free bugs

From: Greg KH (greg@kroah.com)
Date: Sat Mar 17 2001 - 16:47:58 EST

Next message: David Woodhouse: "Re: [CHECKER] 16 potential locking bugs in 2.4.1"
Previous message: Greg KH: "Re: [CHECKER] 120 potential dereference to invalid pointers errors for linux 2.4.1"
In reply to: Seth Andrew Hallem: "Potential free/use-after-free bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 16, 2001 at 10:17:30PM -0800, Seth Andrew Hallem wrote:
> [BUG] Potential double or more free.
> /home/shallem/oses/linux/2.4.1/drivers/usb/serial/belkin_sa.c:236:belkin_sa_shutdown:
> ERROR:FREE:237:236: Use-after-free of 'private'! set by 'kfree':237
>
> }
> /* My special items, the standard routines free my urbs */
> if (serial->port->private)
> Error --->
> Start --->
> kfree(serial->port->private);
> }
>
> [BUG] Copy paste of above potential bug.
> /home/shallem/oses/linux/2.4.1/drivers/usb/serial/mct_u232.c:277:mct_u232_shutdown:
> ERROR:FREE:278:277: Use-after-free of 'private'! set by 'kfree':278
>
> [BUG]

Damn fine catch, the author meant to say serial->port[i].private there.

Thanks, I'll fix these up.

greg k-h

-- 
greg@(kroah|wirex).com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: David Woodhouse: "Re: [CHECKER] 16 potential locking bugs in 2.4.1"
Previous message: Greg KH: "Re: [CHECKER] 120 potential dereference to invalid pointers errors for linux 2.4.1"
In reply to: Seth Andrew Hallem: "Potential free/use-after-free bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Mar 23 2001 - 21:00:10 EST