Blame SOURCES/0001-srp_daemon-fix-a-double-free-segment-fault-for-ibsrp.patch

From 213d508e72e5243db5711510b1d48b93b0aed9df Mon Sep 17 00:00:00 2001
From: Honggang Li <honli@redhat.com>
Date: Thu, 19 Sep 2019 14:40:45 +0800
Subject: [PATCH rdma-core 1/5] srp_daemon: fix a double free segment fault for
 ibsrpdm

[ Upstream commit 0b09980860a05ec5feb25f7849c2d703db5c157e ]

Command: ./ibsrpdm -d /dev/infiniband/umadX

Invalid free() / delete / delete[] / realloc()
   at 0x4C320DC: free (vg_replace_malloc.c:540)
   by 0x403BBB: free_config (srp_daemon.c:1811)
   by 0x4031BE: ibsrpdm (srp_daemon.c:2113)
   by 0x4031BE: main (srp_daemon.c:2153)
 Address 0x5ee5fd0 is 0 bytes inside a block of size 16 free'd
   at 0x4C320DC: free (vg_replace_malloc.c:540)
   by 0x404851: translate_umad_to_ibdev_and_port (srp_daemon.c:729)
   by 0x404851: set_conf_dev_and_port (srp_daemon.c:1586)
   by 0x403171: ibsrpdm (srp_daemon.c:2092)
   by 0x403171: main (srp_daemon.c:2153)
 Block was alloc'd at
   at 0x4C30EDB: malloc (vg_replace_malloc.c:309)
   by 0x40478D: translate_umad_to_ibdev_and_port (srp_daemon.c:698)
   by 0x40478D: set_conf_dev_and_port (srp_daemon.c:1586)
   by 0x403171: ibsrpdm (srp_daemon.c:2092)
   by 0x403171: main (srp_daemon.c:2153)

Signed-off-by: Honggang Li <honli@redhat.com>
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Nicolas Morey-Chaisemartin <nmoreychaisemartin@suse.com>
---
 srp_daemon/srp_daemon.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srp_daemon/srp_daemon.c b/srp_daemon/srp_daemon.c
index baf4957a..82dc929f 100644
--- a/srp_daemon/srp_daemon.c
+++ b/srp_daemon/srp_daemon.c
@@ -724,6 +724,7 @@ end:
 	if (ret) {
 		free(*ibport);
 		free(*ibdev);
+		*ibdev = NULL;
 	}
 	free(class_dev_path);
 
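Review bot: `*ibport` is freed on the line directly above `free(*ibdev);` in the `if (ret)` block but is left dangling, while only `*ibdev` is reset. If any caller cleanup path (such as `free_config` in the Valgrind trace) also frees the port pointer after a failed return, the same invalid free remains reachable through it. Suggest adding `*ibport = NULL;` next to the new `*ibdev = NULL;`, or stating in the commit message why the port pointer cannot be freed again by the caller.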
-- 
2.20.1