kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   0b62bdb4751d0cd6898a3176acfedaa5d21e9d3a
  2.   patches.suse
  3.   net-enetc-bug-fix-for-qos-sfi-operate-space-after-fr.patch
Blob Blame History Raw 
From: Po Liu <Po.Liu@nxp.com>
Date: Thu, 7 May 2020 18:57:38 +0800
Subject: net:enetc: bug fix for qos sfi operate space after freed

Git-commit: 571cf29644542b9e410ed102cb35ecb27b4fdfa3
Patch-mainline: v5.8-rc1
References: jsc#SLE-12251

'Dan Carpenter' reported:
This code frees "sfi" and then dereferences it on the next line:
>                 kfree(sfi);
>                 clear_bit(sfi->index, epsfp.psfp_sfi_bitmap);

This "sfi->index" should be "index".

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Po Liu <Po.Liu@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Mian Yousaf Kaukab <yousaf.kaukab@suse.com>
---
 drivers/net/ethernet/freescale/enetc/enetc_qos.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/freescale/enetc/enetc_qos.c b/drivers/net/ethernet/freescale/enetc/enetc_qos.c
index 172acb602ccb..fd3df19eaa32 100644
--- a/drivers/net/ethernet/freescale/enetc/enetc_qos.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc_qos.c
@@ -903,7 +903,7 @@ static void stream_filter_unref(struct enetc_ndev_priv *priv, u32 index)
 		enetc_streamfilter_hw_set(priv, sfi, false);
 		hlist_del(&sfi->node);
 		kfree(sfi);
-		clear_bit(sfi->index, epsfp.psfp_sfi_bitmap);
+		clear_bit(index, epsfp.psfp_sfi_bitmap);
 	}
 }
 
-- 
2.26.2
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.