[PATCH 2/9] uml: make daemon transport behave properly
From: Paolo 'Blaisorblade' Giarrusso
Date: Tue Jan 17 2006 - 19:27:49 EST
From: Paolo 'Blaisorblade' Giarrusso <blaisorblade@xxxxxxxx>
Avoid uninitialized data in the daemon_data structure. I used this transport
before doing proper setup before-hand, and I got some very nice SLAB corruption
due to freeing crap pointers. So just make sure to clear everything when
appropriate.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@xxxxxxxx>
---
arch/um/drivers/daemon_kern.c | 4 ++++
arch/um/drivers/daemon_user.c | 6 ++++++
2 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/arch/um/drivers/daemon_kern.c b/arch/um/drivers/daemon_kern.c
index 30d285b..507e3cb 100644
--- a/arch/um/drivers/daemon_kern.c
+++ b/arch/um/drivers/daemon_kern.c
@@ -31,6 +31,10 @@ void daemon_init(struct net_device *dev,
dpri->fd = -1;
dpri->control = -1;
dpri->dev = dev;
+ /* We will free this pointer. If it contains crap we're burned. */
+ dpri->ctl_addr = NULL;
+ dpri->data_addr = NULL;
+ dpri->local_addr = NULL;
printk("daemon backend (uml_switch version %d) - %s:%s",
SWITCH_VERSION, dpri->sock_type, dpri->ctl_sock);
diff --git a/arch/um/drivers/daemon_user.c b/arch/um/drivers/daemon_user.c
index 1bb085b..c944265 100644
--- a/arch/um/drivers/daemon_user.c
+++ b/arch/um/drivers/daemon_user.c
@@ -158,10 +158,16 @@ static void daemon_remove(void *data)
struct daemon_data *pri = data;
os_close_file(pri->fd);
+ pri->fd = -1;
os_close_file(pri->control);
+ pri->control = -1;
+
kfree(pri->data_addr);
+ pri->data_addr = NULL;
kfree(pri->ctl_addr);
+ pri->ctl_addr = NULL;
kfree(pri->local_addr);
+ pri->local_addr = NULL;
}
int daemon_user_write(int fd, void *buf, int len, struct daemon_data *pri)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/