rpms / nfs-utils

Clone
Source Code
GIT

Blame SOURCES/nfs-utils-1.3.0-statd-useaafter.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c7-beta
  2.   SOURCES
  3.   nfs-utils-1.3.0-statd-useaafter.patch
Blob History Raw
64c563 
commit 86604e2bd536ea48832dd0bf3d95b15de4de2733
64c563 
Author: Steve Dickson <steved@redhat.com>
64c563 
Date:   Thu Sep 6 10:22:11 2018 -0400
64c563
64c563 
    statd: fix use-after-free in monitor list if insertion fails
64c563
64c563 
    If nsm_insert_monitored_host() fails while saving the record to
64c563 
    stable storage, we can't just assume the entry was new. Existing
64c563 
    records must be removed from the list before being freed.
64c563
64c563 
    Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
64c563 
    Signed-off-by: Frank Sorenson <sorenson@redhat.com>
64c563 
    Signed-off-by: Steve Dickson <steved@redhat.com>
64c563
64c563 
diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c
64c563 
index 45c4346..9400048 100644
64c563 
--- a/utils/statd/monitor.c
64c563 
+++ b/utils/statd/monitor.c
64c563 
@@ -197,7 +197,7 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp)
64c563
64c563 
 	if (!nsm_insert_monitored_host(dnsname,
64c563 
 				(struct sockaddr *)(char *)&my_addr, argp)) {
64c563 
-		nlist_free(NULL, clnt);
64c563 
+		nlist_free(existing ? &rtnl : NULL, clnt);
64c563 
 		goto failure;
64c563 
 	}
64c563

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation