Re: KASAN: use-after-free Read in usb_free_coherent

From: Oliver Neukum
Date: Mon Aug 05 2019 - 05:59:20 EST

Next message: Sanyog Kale: "Re: [RFC PATCH 24/40] soundwire: cadence_master: use BIOS defaults for frame shape"
Previous message: Rafael J. Wysocki: "Re: [PATCH v5 1/3] PM: wakeup: Add routine to help fetch wakeup source object."
In reply to: Suzuki K Poulose: "Re: KASAN: use-after-free Read in usb_free_coherent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Donnerstag, den 01.08.2019, 11:52 +0100 schrieb Suzuki K Poulose:
>
> Looks like the yurex_delete() drops the ref count on the dev->udev
> way early in the function and then later tries to see if there
> are any other buffers associated with it worth releasing. So,
> I am guessing moving the usb_put_dev(), after we have finished
> all that might solve the issue ?

Hi,

the fix looks good to me.

Regards
Oliver

Next message: Sanyog Kale: "Re: [RFC PATCH 24/40] soundwire: cadence_master: use BIOS defaults for frame shape"
Previous message: Rafael J. Wysocki: "Re: [PATCH v5 1/3] PM: wakeup: Add routine to help fetch wakeup source object."
In reply to: Suzuki K Poulose: "Re: KASAN: use-after-free Read in usb_free_coherent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]