[CRIU] [PATCH 2/8] shmem: don't unmap a memory region in restore_shmem_content()
Andrey Vagin
avagin at openvz.org
Fri Oct 31 07:50:44 PDT 2014
This function doesn't allocate memory, so it should not release it.
CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE)
14. deref_arg: Calling munmap dereferences freed pointer addr.
Signed-off-by: Andrey Vagin <avagin at openvz.org>
---
shmem.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/shmem.c b/shmem.c
index 82bf9d3..2e9e4fc 100644
--- a/shmem.c
+++ b/shmem.c
@@ -129,7 +129,7 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
ret = open_page_read(si->shmid, &pr, opts.auto_dedup ? O_RDWR : O_RSTR, true);
if (ret)
- goto err_unmap;
+ return -1;
fd_pg = img_raw_fd(pr.pi);
while (1) {
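Review bot: with `return -1` replacing `goto err_unmap` on the open_page_read() failure path, addr stays mapped when this function fails, so cleanup now belongs entirely to the caller. The patch does not show any call site, so please confirm that each caller unmaps addr when it gets a negative return, and consider a one-line comment above restore_shmem_content() saying that it does not take ownership of addr.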
@@ -168,9 +168,6 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
pr.close(&pr);
return ret;
-err_unmap:
- munmap(addr, si->size);
- return -1;
}
int get_shmem_fd(int pid, VmaEntry *vi)
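Review bot: once the err_unmap label is gone, the function has two differently shaped exits: the early `return -1` and the `pr.close(&pr); return ret;` tail here, neither of which releases addr. That is consistent with the commit message, but the return convention is not documented anywhere in the visible lines; a short comment (what ret holds on success versus failure) would help callers that test the result. The commit message could also name the call site where Coverity reports the munmap on addr, so the ownership reasoning can be checked against it.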
--
1.9.3