On Fri, Nov 23, 2018 at 07:58:15AM +0200, Amir Goldstein wrote:
> On Fri, Nov 23, 2018 at 5:16 AM Pan Bian wrote:
> >
> > The function dentry_connected calls dput(dentry) to drop the previously
> > acquired reference to dentry. In this case, dentry can be released.
> > After that, IS_ROOT(dentry)
On Fri, Nov 23, 2018 at 5:16 AM Pan Bian wrote:
>
> The function dentry_connected calls dput(dentry) to drop the previously
> acquired reference to dentry. In this case, dentry can be released.
> After that, IS_ROOT(dentry) checks the condition
> (dentry == dentry->d_parent), which may result in a
The function dentry_connected calls dput(dentry) to drop the previously
acquired reference to dentry. In this case, dentry can be released.
After that, IS_ROOT(dentry) checks the condition
(dentry == dentry->d_parent), which may result in a use-after-free bug.
This patch directly compares dentry wi
3 matches
Mail list logo
