svn commit: r277625 - stable/10/sys/kern
Xin LI
delphij at FreeBSD.org
Sat Jan 24 00:27:51 UTC 2015
Author: delphij
Date: Sat Jan 24 00:27:50 2015
New Revision: 277625
URL: https://svnweb.freebsd.org/changeset/base/277625
Log:
MFC r276904:
Improve style and fix a possible use-after-free case introduced in r268384
by reinitializing the 'freestate' pointer after freeing the memory.
Obtained from: HardenedBSD (71fab80c5dd3034b71a29a61064625018671bbeb)
PR: 194525
Submitted by: Oliver Pinter <oliver.pinter at hardenedbsd.org>
Modified:
stable/10/sys/kern/kern_lockf.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sys/kern/kern_lockf.c
==============================================================================
--- stable/10/sys/kern/kern_lockf.c Sat Jan 24 00:04:34 2015 (r277624)
+++ stable/10/sys/kern/kern_lockf.c Sat Jan 24 00:27:50 2015 (r277625)
@@ -740,12 +740,13 @@ retry_setlock:
VI_UNLOCK(vp);
- if (freestate) {
+ if (freestate != NULL) {
sx_xlock(&lf_lock_states_lock);
LIST_REMOVE(freestate, ls_link);
sx_xunlock(&lf_lock_states_lock);
sx_destroy(&freestate->ls_lock);
free(freestate, M_LOCKF);
+ freestate = NULL;
}
if (error == EDOOFUS) {
More information about the svn-src-stable
mailing list