On Thu, Sep 21, 2017 at 6:00 PM, Jake Daryll Obina wrote:
> If jffs2_iget() fails for a newly-allocated inode, jffs2_do_clear_inode()
> can get called twice in the error handling path, the first call in
> jffs2_iget() itself and the second through iget_failed(). This can result
> to a use-after-fr
If jffs2_iget() fails for a newly-allocated inode, jffs2_do_clear_inode()
can get called twice in the error handling path, the first call in
jffs2_iget() itself and the second through iget_failed(). This can result
to a use-after-free error in the second jffs2_do_clear_inode() call, such
as shown b
2 matches
Mail list logo
