git.osdn.net Git - android-x86/kernel.git/commit

(root) / android-x86 / kernel.git / commit

author	Jens Axboe <axboe@fb.com>
	Thu, 17 Nov 2016 19:30:37 +0000 (12:30 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 10 Jan 2018 08:29:52 +0000 (09:29 +0100)
commit	3a381abc5b703c0f10c2792e97ec805674e9197e
tree	e42021acba907db899b8432b1ab523465e36c15d	tree \| snapshot
parent	2b9b2002e05d1aa7d8c930d09d4342a6abacd2dd	commit \| diff

nbd: fix use-after-free of rq/bio in the xmit path

commit 429a787be6793554ee02aacc7e1f11ebcecc4453 upstream.

For writes, we can get a completion in while we're still iterating
the request and bio chain. If that happens, we're reading freed
memory and we can crash.

Break out after the last segment and avoid having the iterator
read freed memory.

Reviewed-by: Josef Bacik <jbacik@fb.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/block/nbd.c

diff | blob | history

kernel

RSS Atom

About OSDN

Find Software

Develop Software

Help