[PATCH 0/2] Fix use-after-free and kmemleak in ubi_resize_volume()

From: Li Zetao
Date: Fri Oct 21 2022 - 05:19:39 EST


This patchset fixes two memory usage issues.

Patch 1 resolves the use-after-free issue, which happens when volume
resizing fails. In the volume resizing process, the old eba table will be
replaced by the new one. But on the error handling path, the old eba will be
freed, which causes a use-after-free fault when resizing the volume
next time.

Patch 2 resolves the kmemleak issue, which also happens when volume
resizing fails. "new_eba_tbl" is created by ubi_eba_create_table()
but destroyed by kfree().

Li Zetao (2):
  ubi: Fix use-after-free when volume resizing failed
  ubi: Fix unreferenced object reported by kmemleak in
    ubi_resize_volume()

 drivers/mtd/ubi/vmt.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

--
2.31.1
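
The two error-path patterns described in this cover letter, as an added example that is not part of the original patch series: a simplified userspace C model (every name is hypothetical, these are not the UBI structures) in which a table built from two allocations is torn down by its matching destructor and the local pointer is cleared once the volume owns the table. The `live_allocs` counter is an assumption added so that leaks are observable.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical userspace model; not the UBI data structures. */
struct tbl { int *entries; int n; };
struct vol { struct tbl *tbl; };

static int live_allocs;   /* outstanding allocations, for leak checking */

static void *xalloc(size_t sz) { void *p = calloc(1, sz); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Constructor makes two allocations: the struct and its entries array. */
static struct tbl *tbl_create(int n)
{
    struct tbl *t = xalloc(sizeof(*t));
    if (!t) return NULL;
    t->entries = xalloc(sizeof(int) * (size_t)n);
    if (!t->entries) { xfree(t); return NULL; }
    t->n = n;
    return t;
}

/* Matching destructor; a bare free(t) here would leak t->entries. */
static void tbl_destroy(struct tbl *t)
{
    if (!t) return;
    xfree(t->entries);
    xfree(t);
}

/* fail_at: 0 = success, 1 = fail before the swap, 2 = fail after it. */
static int vol_resize(struct vol *v, int n, int fail_at)
{
    int err = 0, keep;
    struct tbl *new_tbl = tbl_create(n);
    if (!new_tbl) return -1;
    if (fail_at == 1) { err = -1; goto out_free; }
    keep = v->tbl->n < n ? v->tbl->n : n;
    memcpy(new_tbl->entries, v->tbl->entries, sizeof(int) * (size_t)keep);
    tbl_destroy(v->tbl);
    v->tbl = new_tbl;
    new_tbl = NULL;        /* ownership moved to v: error path must not free it */
    if (fail_at == 2) err = -1;
out_free:
    tbl_destroy(new_tbl);  /* no-op after the swap, full teardown before it */
    return err;
}
```

Without the `new_tbl = NULL` line, a failure after the swap would free the table the volume still points to; with `free(new_tbl)` in place of `tbl_destroy(new_tbl)`, a failure before the swap would leak the entries array.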