Re: Catching use-after-free easily in linux kernel.

From: Al Viro
Date: Mon Mar 10 2025 - 20:36:03 EST


On Mon, Mar 10, 2025 at 01:24:54PM +0530, Amit wrote:
> Hi,
>
> We can catch use-after-free easily if we do the following:
>
> kfree(x);
> (x) = NULL;
>
> Now, if someone uses 'x' again then the kernel will crash and we will know where
> the use-after-free is happening and then we can fix it.

That assumes that no pointer is ever stored in more than one place.
Which is very clearly false.
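The aliasing problem Al points to, shown as an added userspace C example (not code from the thread or from the kernel): malloc()/free() stand in for kmalloc()/kfree(), and a small "registry" table is the second place the same pointer is stored, the way a list, hash table or per-cpu cache would be in the kernel. Clearing the caller's variable after free() leaves the registry entry pointing at freed memory; only removing the object from every place it is referenced before freeing it closes the window. Stale entries are counted by comparing addresses recorded before the free, so the example never dereferences freed memory. The struct and function names are the example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed example object: owned by one variable, but also registered in a table. */
struct buf {
    char data[32];
};

#define REG_MAX 4

/* A second place the same pointer lives (think list, hash table, per-cpu cache). */
struct registry {
    struct buf *entries[REG_MAX];
    int count;
};

static void registry_add(struct registry *r, struct buf *b)
{
    if (r->count < REG_MAX)
        r->entries[r->count++] = b;
}

static void registry_remove(struct registry *r, const struct buf *b)
{
    for (int i = 0; i < r->count; i++) {
        if (r->entries[i] == b) {
            r->entries[i] = r->entries[--r->count];
            return;
        }
    }
}

/* The idiom from the quoted mail: free, then NULL the caller's variable only. */
static void release_owner_only(struct buf **owner)
{
    free(*owner);    /* stands in for kfree() */
    *owner = NULL;   /* clears exactly one copy of the pointer */
}

/* What the reply implies is actually needed: drop every reference first, then free. */
static void release_everywhere(struct registry *r, struct buf **owner)
{
    registry_remove(r, *owner);
    free(*owner);
    *owner = NULL;
}

/* Count registry entries still holding the freed object's address.
 * Addresses are compared as integers captured before free(); nothing is dereferenced. */
static int dangling_entries(const struct registry *r, uintptr_t freed_addr)
{
    int n = 0;
    for (int i = 0; i < r->count; i++)
        if ((uintptr_t)r->entries[i] == freed_addr)
            n++;
    return n;
}

/* Returns the number of stale registry entries after the free-and-NULL idiom. */
int dangling_after_owner_only_release(void)
{
    struct registry reg = { .count = 0 };
    struct buf *b = malloc(sizeof *b);
    if (!b)
        return -1;
    uintptr_t addr = (uintptr_t)b;
    registry_add(&reg, b);
    release_owner_only(&b);
    /* b is NULL now, but reg.entries[0] still holds the stale address */
    return dangling_entries(&reg, addr);   /* 1 */
}

/* Returns the number of stale registry entries after unregistering before free. */
int dangling_after_full_release(void)
{
    struct registry reg = { .count = 0 };
    struct buf *b = malloc(sizeof *b);
    if (!b)
        return -1;
    uintptr_t addr = (uintptr_t)b;
    registry_add(&reg, b);
    release_everywhere(&reg, &b);
    return dangling_entries(&reg, addr);   /* 0 */
}

int main(void)
{
    printf("stale entries, owner-only release: %d\n", dangling_after_owner_only_release());
    printf("stale entries, full release:       %d\n", dangling_after_full_release());
    return 0;
}
```

In the owner-only case a later walk of the registry would read freed memory and, depending on what the allocator has since handed out, silently read someone else's data rather than crash. That is why tools like KASAN or slab poisoning, which instrument the freed memory itself rather than one variable holding its address, catch cases the NULL-assignment idiom cannot.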