[CRIU] [PATCH] lazy_image(): avoid NULL deref
Andrew Vagin
avagin at odin.com
Fri May 1 03:55:13 PDT 2015
On Thu, Apr 30, 2015 at 04:25:43PM -0700, Kir Kolyshkin wrote:
> Do check img before deferefencing, just as in empty_image().
I would prefer to remove this check from empty_image(). A caller of
open_image() must handler errors.
We can add this check into close_image() jast as in xfree().
diff --git a/image.c b/image.c
index 7f3ceb5..a6bc3f1 100644
--- a/image.c
+++ b/image.c
@@ -359,6 +359,8 @@ int open_image_lazy(struct cr_img *img)
void close_image(struct cr_img *img)
{
+ if (img == NULL)
+ return;
if (lazy_image(img))
xfree(img->path);
else if (!empty_image(img))
> This is an addition to commit 8ce37e67.
>
> Signed-off-by: Kir Kolyshkin <kir at openvz.org>
> ---
> include/image.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/image.h b/include/image.h
> index 55e63dd..76ad2e8 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -146,7 +146,7 @@ static inline bool empty_image(struct cr_img *img)
>
> static inline bool lazy_image(struct cr_img *img)
> {
> - return img->_x.fd == LAZY_IMG_FD;
> + return img && img->_x.fd == LAZY_IMG_FD;
> }
>
> extern int open_image_lazy(struct cr_img *img);
> --
> 1.9.3
>
More information about the CRIU
mailing list