xen-devel

[Top] [All Lists]

[Xen-devel] [PATCH] Null pointer dereference at free_vm_area()

from [Glauber de Oliveira Costa]

[Permanent Link][Original]

To:	xen-devel@xxxxxxxxxxxxxxxxxxx
Subject:	[Xen-devel] [PATCH] Null pointer dereference at free_vm_area()
From:	glommer@xxxxxxxxxx (Glauber de Oliveira Costa)
Date:	Mon, 26 Dec 2005 13:58:57 -0200
Delivery-date:	Mon, 26 Dec 2005 16:02:47 +0000
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mutt/1.5.9i

Hi folks,

The free_vm_area() function may crash if it gets a NULL pointer as a
parameter. I do think that the right behaviour should be returning in
this case. This is, for example, the same behaviour of kfree(), and as
alloc_vm_area() may also return NULL, it may lead to a more elegant 
alloc/free sequence in case of a fail.

In case you agree with that, a patch follows.

Signed-off-by: Glauber de Oliveira Costa <glommer@xxxxxxxxxx>

-- 
glommer

diff -r 829517be689f linux-2.6-xen-sparse/drivers/xen/util.c
--- a/linux-2.6-xen-sparse/drivers/xen/util.c   Fri Dec 23 15:42:46 2005
+++ b/linux-2.6-xen-sparse/drivers/xen/util.c   Mon Dec 26 15:47:50 2005
@@ -35,6 +35,8 @@
 void free_vm_area(struct vm_struct *area)
 {
        struct vm_struct *ret;
+       if (!area)
+               return;
        ret = remove_vm_area(area->addr);
        BUG_ON(ret != area);
        kfree(area);

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] [PATCH] Null pointer dereference at free_vm_area(), Glauber de Oliveira Costa <= Re: [Xen-devel] [PATCH] Null pointer dereference at free_vm_area(), Vincent Hanquez Re: [Xen-devel] [PATCH] Null pointer dereference at free_vm_area(), Glauber de Oliveira Costa

Previous by Date:	Re: [Xen-devel] Bad clock ticking in xen0, Tomas Kouba
Next by Date:	RE: [Xen-devel] Bad clock ticking in xen0, Ian Pratt
Previous by Thread:	[Xen-devel] [PATCH] Prevent vbd frontend from oopsing if the underlying device doesn't exist, Horms
Next by Thread:	Re: [Xen-devel] [PATCH] Null pointer dereference at free_vm_area(), Vincent Hanquez
Indexes:	[Date] [Thread] [Top] [All Lists]