blob: 4d8ce04b7f22757ec04d83bbdfcda619ed96219c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From 1c7c65a3e5d3e5f6d32bfa4cf0d872f87c654eb2 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie <xiezhipeng1@huawei.com>
Date: Tue, 10 Apr 2018 09:25:39 +0800
Subject: [PATCH 1/9] mdadm: fix use-after-free after free_mdstat
e->percent access the mdstat_ent which was already freed in free_mdstat
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
---
Detail.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Detail.c b/Detail.c
index 4dcf81dd..860241ce 100644
--- a/Detail.c
+++ b/Detail.c
@@ -561,7 +561,6 @@ int Detail(char *dev, struct context *c)
printf(" %7s Status : %d%% complete\n",
sync_action[e->resync], e->percent);
}
- free_mdstat(ms);
if ((st && st->sb) && (info && info->reshape_active)) {
#if 0
@@ -609,6 +608,8 @@ This is pretty boring
printf("\n");
} else if (e && e->percent >= 0)
printf("\n");
+ free_mdstat(ms);
+
if (st && st->sb)
st->ss->detail_super(st, c->homehost);
--
2.17.0
|