diff options
author | Hardik Arya <harya@codeaurora.org> | 2018-11-23 10:41:41 +0530 |
---|---|---|
committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2019-01-09 07:51:26 -0800 |
commit | 44ffa80a5e3453a0c154e7818d0f0c87dca0e620 (patch) | |
tree | ac04a79d4cd7752c5811f2bc78c80eb878814c00 | |
parent | 5c0b6a0c9a3ef1995c89c329a39fcced60a0bb04 (diff) |
diag: Mark Buffer as NULL after freeingLE.UM.2.3.2-05100-SDX24
There is a possibility of use-after-free and
double free because of not marking buffer as
NULL after freeing. The patch marks buffer
as NULL after freeing in error case.
Change-Id: Iacf8f8a4a4e644f48c87d5445ccd594766f2e156
Signed-off-by: Hardik Arya <harya@codeaurora.org>
-rw-r--r-- | drivers/char/diag/diag_masks.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/char/diag/diag_masks.c b/drivers/char/diag/diag_masks.c index 7be5a06f7f82..395209473a3b 100644 --- a/drivers/char/diag/diag_masks.c +++ b/drivers/char/diag/diag_masks.c @@ -1772,6 +1772,7 @@ static int __diag_mask_init(struct diag_mask_info *mask_info, int mask_len, mask_info->update_buf = kzalloc(update_buf_len, GFP_KERNEL); if (!mask_info->update_buf) { kfree(mask_info->ptr); + mask_info->ptr = NULL; return -ENOMEM; } kmemleak_not_leak(mask_info->update_buf); |