rpms / nfs-utils

Clone
Source Code
GIT

Blame SOURCES/nfs-utils-1.3.0-statd-useaafter.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   1f43286dc7eefb9d569774d9378d9537238f7129
  2.   SOURCES
  3.   nfs-utils-1.3.0-statd-useaafter.patch
Blob History Raw
3a6d19 
commit 86604e2bd536ea48832dd0bf3d95b15de4de2733
3a6d19 
Author: Steve Dickson <steved@redhat.com>
3a6d19 
Date:   Thu Sep 6 10:22:11 2018 -0400
3a6d19
3a6d19 
    statd: fix use-after-free in monitor list if insertion fails
3a6d19
3a6d19 
    If nsm_insert_monitored_host() fails while saving the record to
3a6d19 
    stable storage, we can't just assume the entry was new. Existing
3a6d19 
    records must be removed from the list before being freed.
3a6d19
3a6d19 
    Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
3a6d19 
    Signed-off-by: Frank Sorenson <sorenson@redhat.com>
3a6d19 
    Signed-off-by: Steve Dickson <steved@redhat.com>
3a6d19
3a6d19 
diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c
3a6d19 
index 45c4346..9400048 100644
3a6d19 
--- a/utils/statd/monitor.c
3a6d19 
+++ b/utils/statd/monitor.c
3a6d19 
@@ -197,7 +197,7 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp)
3a6d19
3a6d19 
 	if (!nsm_insert_monitored_host(dnsname,
3a6d19 
 				(struct sockaddr *)(char *)&my_addr, argp)) {
3a6d19 
-		nlist_free(NULL, clnt);
3a6d19 
+		nlist_free(existing ? &rtnl : NULL, clnt);
3a6d19 
 		goto failure;
3a6d19 
 	}
3a6d19

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation