On Tue, 6 Aug 2024 at 08:23, Nico Pache wrote:
>
> On Wed, Jul 31, 2024 at 1:02 AM David Gow wrote:
> >
> > kunit_driver_create() accepts a name for the driver, but does not copy
> > it, so if that name is either on the stack, or otherwise freed, we end
> > up with a use-after-free when the drive
On Wed, Jul 31, 2024 at 1:02 AM David Gow wrote:
>
> kunit_driver_create() accepts a name for the driver, but does not copy
> it, so if that name is either on the stack, or otherwise freed, we end
> up with a use-after-free when the driver is cleaned up.
>
> Instead, strdup() the name, and manage
On Wed, Jul 31, 2024 at 3:02 AM David Gow wrote:
>
> kunit_driver_create() accepts a name for the driver, but does not copy
> it, so if that name is either on the stack, or otherwise freed, we end
> up with a use-after-free when the driver is cleaned up.
>
> Instead, strdup() the name, and manage
On Wed, 31 Jul 2024 15:02:06 +0800, David Gow wrote:
> kunit_driver_create() accepts a name for the driver, but does not copy
> it, so if that name is either on the stack, or otherwise freed, we end
> up with a use-after-free when the driver is cleaned up.
>
> Instead, strdup() the name, and manag
kunit_driver_create() accepts a name for the driver, but does not copy
it, so if that name is either on the stack, or otherwise freed, we end
up with a use-after-free when the driver is cleaned up.
Instead, strdup() the name, and manage it as another KUnit allocation.
As there was no existing kuni
