Skip to content

Commit

Permalink
[CIFS] possible memory corruption on mount
Browse files Browse the repository at this point in the history 
CIFS cleanup_volume_info_contents() looks like having a memory
corruption problem.
When UNCip is set to "&vol->UNC[2]" in cifs_parse_mount_options(), it
should not be kfree()-ed in cleanup_volume_info_contents().

Introduced in commit b946845

Signed-off-by: J.R. Okajima <hooanon05@yahoo.co.jp>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
CC: Stable <stable@kernel.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
  • Loading branch information
Steve French committed Aug 18, 2011
1 parent fa71f44 commit 13589c4
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion fs/cifs/connect.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2878,7 +2878,8 @@ cleanup_volume_info_contents(struct smb_vol *volume_info)
kfree(volume_info->username);
kzfree(volume_info->password);
kfree(volume_info->UNC);
kfree(volume_info->UNCip);
if (volume_info->UNCip != volume_info->UNC + 2)
kfree(volume_info->UNCip);
kfree(volume_info->domainname);
kfree(volume_info->iocharset);
kfree(volume_info->prepath);
Expand Down

0 comments on commit 13589c4

Please sign in to comment.