[PATCH 6/6] kdbus: fix NULL-deref in activator cleanup

From: David Herrmann
Date: Thu Jul 02 2015 - 04:30:33 EST


Right now, we always assume an activator has a valid name and
conn->activator_of is set. However, this assumption is not true if the
setup of the activator fails. In those cases, the ->flags field indicates
an activator, but the name might not have been claimed yet.

Fix the destructor of connections to not assume all activators have
claimed names.

Signed-off-by: David Herrmann <dh.herrmann@xxxxxxxxx>
---
ipc/kdbus/names.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipc/kdbus/names.c b/ipc/kdbus/names.c
index d77ee08..057f806 100644
--- a/ipc/kdbus/names.c
+++ b/ipc/kdbus/names.c
@@ -444,7 +444,7 @@ void kdbus_name_release_all(struct kdbus_name_registry *reg,

down_write(&reg->rwlock);

- if (kdbus_conn_is_activator(conn)) {
+ if (conn->activator_of) {
activator = conn->activator_of->activator;
conn->activator_of->activator = NULL;
}
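Review bot: the new `if (conn->activator_of)` test in kdbus_name_release_all() needs a one-line comment explaining why the pointer is checked rather than kdbus_conn_is_activator(conn). Without it, the condition looks like an arbitrary style choice and a later cleanup could switch it back to the flag helper, reintroducing the NULL dereference on `conn->activator_of->activator`. Something like "flags may mark an activator whose name was never claimed, so test the pointer" would be enough. The commit message says the flag and the pointer can disagree after a failed setup, so it is also worth confirming that no other path dereferences conn->activator_of based only on kdbus_conn_is_activator().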
--
2.4.5
