[PATCH] erofs-utils: sbi->devs should be cleared after freed
Gao Xiang
hsiangkao at linux.alibaba.com
Mon Aug 21 17:09:01 AEST 2023
Otherwise, it could cause a double-free if sbi is reused
when fuzzing [1].
[1] https://github.com/erofs/erofsnightly/actions/runs/5921003885/job/16053013007
Signed-off-by: Gao Xiang <hsiangkao at linux.alibaba.com>
---
lib/super.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/super.c b/lib/super.c
index 58e2574..6c5b073 100644
--- a/lib/super.c
+++ b/lib/super.c
@@ -123,14 +123,18 @@ int erofs_read_superblock(struct erofs_sb_info *sbi)
return ret;
ret = erofs_xattr_prefixes_init(sbi);
- if (ret)
+ if (ret) {
free(sbi->devs);
+ sbi->devs = NULL;
+ }
return ret;
}
void erofs_put_super(struct erofs_sb_info *sbi)
{
- if (sbi->devs)
+ if (sbi->devs) {
free(sbi->devs);
+ sbi->devs = NULL;
+ }
erofs_xattr_prefixes_cleanup(sbi);
}
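Review bot: in erofs_put_super() the `if (sbi->devs)` guard can be dropped, because free(NULL) is a no-op; an unconditional `free(sbi->devs); sbi->devs = NULL;` does the same thing in two lines, and the same holds for the error path after erofs_xattr_prefixes_init(). Since the stated problem is reuse of sbi, it is also worth confirming that the earlier `return ret;` at the top of this hunk cannot leave sbi->devs allocated or dangling, and that erofs_xattr_prefixes_cleanup() resets whatever it frees. Neither is visible in this hunk. A short comment noting that sbi may be reused after a failed read would explain why the reset is needed.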
--
2.24.4