[Skiboot] [PATCH 1/2] core/pldm: Fix dangling point issue
Abhishek Singh Tomar
abhishek at linux.ibm.com
Thu May 30 23:52:18 AEST 2024
When calling pldm_platform_init() and the GET_PDR PLDM
request fails, the 'pdrs_repo' global variable is freed
but becomes a dangling pointer. Subsequent calls to
pldm_platform_init will lead to an invalid read.
==28652== Invalid read of size 8
==28652== at 0x40A4C8: pldm_pdr_destroy (pdr.c:130)
==28652== by 0x424BA3: pdr_init_complete (pldm-platform-requests.c:42)
==28652== by 0x4274DA: pldm_platform_load_pdrs (pldm-platform-requests.c:1170)
==28652== by 0x42759C: pdrs_init (pldm-platform-requests.c:1190)
==28652== by 0x427703: pldm_platform_init (pldm-platform-requests.c:1221)
Signed-off-by: Abhishek Singh Tomar <abhishek at linux.ibm.com>
---
core/pldm/pldm-platform-requests.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/core/pldm/pldm-platform-requests.c b/core/pldm/pldm-platform-requests.c
index cb0ff9443..21ec43a47 100644
--- a/core/pldm/pldm-platform-requests.c
+++ b/core/pldm/pldm-platform-requests.c
@@ -38,8 +38,10 @@ static void pdr_init_complete(bool success)
if (!success) {
pdr_ready = false;
- if (pdrs_repo)
+ if (pdrs_repo) {
pldm_pdr_destroy(pdrs_repo);
+ pdrs_repo = NULL;
+ }
return;
}
--
2.45.1
More information about the Skiboot
mailing list