
[Xen-devel] [PATCH] Null pointer dereference at free_vm_area()


  • To: xen-devel@xxxxxxxxxxxxxxxxxxx
  • From: glommer@xxxxxxxxxx (Glauber de Oliveira Costa)
  • Date: Mon, 26 Dec 2005 13:58:57 -0200
  • Delivery-date: Mon, 26 Dec 2005 16:02:47 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Hi folks,

The free_vm_area() function may crash if it gets a NULL pointer as a
parameter. I do think that the right behaviour should be returning in
this case. This is, for example, the same behaviour as kfree(), and as
alloc_vm_area() may also return NULL, it may lead to a more elegant
alloc/free sequence in case of a failure.

In case you agree with that, a patch follows.

Signed-off-by: Glauber de Oliveira Costa <glommer@xxxxxxxxxx>

-- 
glommer
diff -r 829517be689f linux-2.6-xen-sparse/drivers/xen/util.c
--- a/linux-2.6-xen-sparse/drivers/xen/util.c   Fri Dec 23 15:42:46 2005
+++ b/linux-2.6-xen-sparse/drivers/xen/util.c   Mon Dec 26 15:47:50 2005
@@ -35,6 +35,8 @@
 void free_vm_area(struct vm_struct *area)
 {
        struct vm_struct *ret;
+       if (!area)
+               return;
        ret = remove_vm_area(area->addr);
        BUG_ON(ret != area);
        kfree(area);
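Review bot: The new `if (!area)` test at the top of free_vm_area() follows the `struct vm_struct *ret;` declaration with no blank line; kernel style wants an empty line between declarations and the first statement. Since the function now accepts NULL as a no-op, a one-line comment above it saying so (mirroring kfree()) would let callers rely on that contract without reading the body. The guard only covers a NULL `area`: a non-NULL `area` whose `addr` is not a mapped region still reaches `BUG_ON(ret != area)`, so error paths should pass only NULL or a pointer returned by alloc_vm_area().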
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

