[Devel] Re: [PATCH] Fix kfree() corruption in sock_read_buffer_sendmsg()
Oren Laadan
orenl at librato.com
Fri Aug 14 13:21:34 PDT 2009
Serge E. Hallyn wrote:
> Quoting Dan Smith (danms at us.ibm.com):
>> The memcpy_from_iovec() function that the unix sendmsg functions use modifies
>> the struct msghdr. Since the current code uses the msg.iovec_base pointer
>> in the msghdr for the kmalloc() and kfree(), we end up freeing the wrong
>> pointer. This patch stores the original address in a separate pointer and
>> corrects the kfree() call to use it.
>>
>> Cc: serue at us.ibm.com
>> Signed-off-by: Dan Smith <danms at us.ibm.com>
>
> Tested-by: Serge Hallyn <serue at us.ibm.com>
Pulled.
Oren.
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list