Unverified Commit 22fb0556 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!665 [HUST CSE] fix a use-after-free bug in uncore_pci_remove() 

Merge Pull Request from: @liu-ziqin 
 
https://gitee.com/openeuler/kernel/blob/OLK-5.10/arch/x86/events/zhaoxin/uncore.c#L1692
released the variable 'box',
however https://gitee.com/openeuler/kernel/blob/OLK-5.10/arch/x86/events/zhaoxin/uncore.c#L1694
dereferenced the freed memory 'box'(box->pmu->type->name),resulting use-after-free bug. 
This bug can be fixed by defining variable 'name' to temporarily store the value of
box->pmu->type->name,and replacing 'box->pmu->type->name' in the condition check
at L1694 with 'name'. 
 
Link:https://gitee.com/openeuler/kernel/pulls/665

 

Reviewed-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parents 139aa37a e2ca326d
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment