powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
381 Commits
1 Branch
0 Tags
390 MiB
 
 
 
 
 
 
Tree: e2c794ae7f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e2c794ae7f'
${ noResults }
base/SOURCES/autofs-5.1.1-fix-use-after-...

37 lines
1.0 KiB
Raw Blame History

autofs-5.1.1 - fix use-after-free in st_queue_handler()
From: Frank Sorenson <sorenson@redhat.com>
The task may be referenced after being freed. Move the
free to after the list_del_init.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
daemon/state.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
--- autofs-5.0.7.orig/CHANGELOG
+++ autofs-5.0.7/CHANGELOG
@@ -204,6 +204,7 @@
- fix use after free in open_lookup().
- fix typo in autofs_sasl_bind().
- add configuration option to use fqdn in mounts.
+- fix use-after-free in st_queue_handler().
25/07/2012 autofs-5.0.7
=======================
--- autofs-5.0.7.orig/daemon/state.c
+++ autofs-5.0.7/daemon/state.c
@@ -1179,9 +1179,9 @@ remove:
struct state_queue, pending);
list_del(&task->list);
+ list_del_init(&next->pending);
free(task);
- list_del_init(&next->pending);
list_add_tail(&next->list, head);
if (p == head)
p = head->next;