[PATCH] 2.4.13pre3aa1: expand_fdset() may use invalid pointer

Chip Salzenberg (chip@pobox.com)
Wed, 17 Oct 2001 11:32:45 -0700



In 2.4.13pre3aa1, expand_fdset() in fs/file.c has a couple of
execution paths that call kfree() on a pointer that hasn't yet been
initialized. A minimal patch is attached.

-- 
Chip Salzenberg               - a.k.a. -              <chip@pobox.com>
 "We have no fuel on board, plus or minus 8 kilograms."  -- NEAR tech

Attachment: aa-files_struct_rcu-2.4.10-04-1-kfree-fix

Index: linux/fs/file.c --- linux/fs/file.c.old Tue Oct 16 23:28:16 2001 +++ linux/fs/file.c Wed Oct 17 00:29:43 2001 @@ -203,5 +203,5 @@ fd_set *new_openset = 0, *new_execset = 0; int error, nfds = 0; - struct rcu_fd_set *arg; + struct rcu_fd_set *arg = NULL; error = -EMFILE;
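Review bot: the new `= NULL` on `arg` only helps if every exit path that frees it tolerates a null pointer, and the hunk shows the declaration but not the cleanup site, so the changelog should name the paths that reach the free before `arg` is assigned. The declaration just above initializes `new_openset` and `new_execset` with `= 0` while the added line uses `NULL`; both are valid, but the two pointer declarations should use one spelling, preferably `NULL`. A one-line comment on the declaration saying that the cleanup path may see `arg` unassigned would keep a later cleanup from dropping the initializer.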

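The failure mode described in the message, as an added user-space example that is not code from the post or from the kernel. `expand_sets`, `t_alloc`, `t_free` and `POISON` are hypothetical names; `POISON` is a constructed value standing in for whatever an uninitialized stack slot would hold, so the unpatched behaviour can be observed deterministically.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-in for kmalloc/kfree: fails the Nth allocation and
 * counts frees of pointers it never handed out. */
#define POISON ((void *)(uintptr_t)0x5a5a5a5a) /* models stack garbage */
static int fail_at, alloc_calls, live, bad_frees;
static void *owned[8];

static void *t_alloc(size_t n)
{
    void *p = (++alloc_calls == fail_at) ? NULL : malloc(n);
    for (int i = 0; p && i < 8; i++)
        if (!owned[i]) { owned[i] = p; live++; return p; }
    free(p);                    /* p is NULL, or the table is full */
    return NULL;
}

static void t_free(void *p)
{
    if (!p) return;             /* NULL is a no-op, as with kfree() */
    for (int i = 0; i < 8; i++)
        if (owned[i] == p) { owned[i] = NULL; live--; free(p); return; }
    bad_frees++;                /* a real kfree() would act on garbage here */
}

/* Hypothetical function shaped like the patched code: one cleanup label,
 * reached from failure points that come before 'arg' is assigned.
 * fixed=0 models the missing initializer, fixed=1 the patched line. */
static int expand_sets(int fail_point, int fixed)
{
    void *new_openset = NULL, *new_execset = NULL;
    void *arg = fixed ? NULL : POISON;
    int error = -EMFILE;
    fail_at = fail_point; alloc_calls = 0; bad_frees = 0;
    if (fail_point < 0) goto out;               /* limit check fails */
    error = -ENOMEM;
    if (!(new_openset = t_alloc(128))) goto out;
    if (!(new_execset = t_alloc(128))) goto out;
    if (!(arg = t_alloc(32))) goto out;
    error = 0;                  /* the demo releases everything on success too */
out:
    t_free(new_openset);
    t_free(new_execset);
    t_free(arg);
    return error;
}
int main(void) { return expand_sets(1, 0) == -ENOMEM && bad_frees == 1 ? 0 : 1; }
```

With `fixed=0`, every exit taken before the third allocation frees a pointer the allocator never issued; with `fixed=1` the same exits are clean.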