* [B.A.T.M.A.N.] [PATCH maint] batman-adv: avoid double free when orig_node initialization fails
@ 2014-02-11 19:00 Antonio Quartulli
0 siblings, 0 replies; only message in thread
From: Antonio Quartulli @ 2014-02-11 19:00 UTC (permalink / raw)
To: b.a.t.m.a.n; +Cc: Antonio Quartulli
In the failure path of the orig_node initialization routine
a double free is hit because orig_node->bat_iv.bcast_own is
not set to NULL after being free'd.
Fix it by setting bcast_own to NULL after having free'd it.
Signed-off-by: Antonio Quartulli <antonio@meshcoding.com>
---
bat_iv_ogm.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/bat_iv_ogm.c b/bat_iv_ogm.c
index c07e59f..cb4c18a 100644
--- a/bat_iv_ogm.c
+++ b/bat_iv_ogm.c
@@ -255,6 +255,8 @@ batadv_iv_ogm_orig_get(struct batadv_priv *bat_priv, const uint8_t *addr)
free_bcast_own:
kfree(orig_node->bat_iv.bcast_own);
+ /* make it NULL to avoid second free in batadv_iv_ogm_orig_free() */
+ orig_node->bat_iv.bcast_own = NULL;
free_orig_node:
/* free twice, as batadv_orig_node_new sets refcount to 2 */
batadv_orig_node_free_ref(orig_node);
--
1.8.5.3
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2014-02-11 19:00 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-11 19:00 [B.A.T.M.A.N.] [PATCH maint] batman-adv: avoid double free when orig_node initialization fails Antonio Quartulli
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.