[CRIU] [PATCH] irmap: don't try to dereference a null pointer

Andrew Vagin avagin at virtuozzo.com
Wed Mar 9 08:35:39 PST 2016


On Wed, Mar 09, 2016 at 07:18:40PM +0300, Pavel Emelyanov wrote:
> On 03/09/2016 06:27 PM, Andrey Vagin wrote:
> > From: Andrew Vagin <avagin at virtuozzo.com>
> > 
> > irmap_revalidate() sets a cursor to the next element or null,
> > then we try to dereference cursor->next in the for statemant.
> 
> Sigh... Is this v2 of "[PATCH 2/7] irmap: don't access a released variable"?

yes. But it looks completely different.

> 
> > Signed-off-by: Andrew Vagin <avagin at virtuozzo.com>
> > ---
> >  criu/irmap.c | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> > 
> > diff --git a/criu/irmap.c b/criu/irmap.c
> > index c93a995..a69776c 100644
> > --- a/criu/irmap.c
> > +++ b/criu/irmap.c
> > @@ -243,10 +243,12 @@ char *irmap_lookup(unsigned int s_dev, unsigned long i_ino)
> >  	timing_start(TIME_IRMAP_RESOLVE);
> >  
> >  	hv = irmap_hashfn(s_dev, i_ino);
> > -	for (p = &cache[hv]; *p; p = &(*p)->next) {
> > +	for (p = &cache[hv]; *p; ) {
> >  		c = *p;
> > -		if (!(c->dev == s_dev && c->ino == i_ino))
> > +		if (!(c->dev == s_dev && c->ino == i_ino)) {
> > +			p = &(*p)->next;
> >  			continue;
> > +		}
> >  
> >  		if (c->revalidate && irmap_revalidate(c, p))
> >  			continue;
> > 
> 


More information about the CRIU mailing list