On 4/1/21 1:57 PM, Lv Yunlong wrote:
In get_initial_state, it calls notify_initial_state_done(skb,..) if
cb->args[5]==1. I see that if genlmsg_put() failed in
notify_initial_state_done(), the skb will be freed by nlmsg_free(skb).
Then get_initial_state will goto out and the freed skb will be used
-...@lists.linbit.com
> 主题: Re: [Drbd-dev] [PATCH] drbd: Fix a use after free in get_initial_state
>
> On 4/1/21 1:57 PM, Lv Yunlong wrote:
> > In get_initial_state, it calls notify_initial_state_done(skb,..) if
> > cb->args[5]==1. I see that if genlmsg_put() failed in
> &g
; > 抄送: philipp.reis...@linbit.com, lars.ellenb...@linbit.com, ax...@kernel.dk,
> > linux-bl...@vger.kernel.org, linux-kernel@vger.kernel.org,
> > drbd-...@lists.linbit.com
> > 主题: Re: [Drbd-dev] [PATCH] drbd: Fix a use after free in get_initial_state
> >
> > On 4/1/21 1:57 PM
3 matches
Mail list logo
