aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPekka Enberg <penberg@cs.helsinki.fi>2008-07-26 20:49:33 -0400
committerDavid S. Miller <davem@davemloft.net>2008-07-26 20:49:33 -0400
commit93bc4e89c260d91576840c4881d1066d84ccd422 (patch)
tree456176a054fc9a3fed18ac6ce50c7a34a86c5808 /include
parent3918fed5f31213067c1c345bd904e1ea369e6819 (diff)
netfilter: fix double-free and use-after free
As suggested by Patrick McHardy, introduce a __krealloc() that doesn't free the original buffer to fix a double-free and use-after-free bug introduced by me in netfilter that uses RCU. Reported-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi> Tested-by: Dieter Ries <clip2@gmx.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/slab.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/slab.h b/include/linux/slab.h
index 9aa90a6f20e0..be6f1d40b66a 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -96,6 +96,7 @@ int kmem_ptr_validate(struct kmem_cache *cachep, const void *ptr);
96/* 96/*
97 * Common kmalloc functions provided by all allocators 97 * Common kmalloc functions provided by all allocators
98 */ 98 */
99void * __must_check __krealloc(const void *, size_t, gfp_t);
99void * __must_check krealloc(const void *, size_t, gfp_t); 100void * __must_check krealloc(const void *, size_t, gfp_t);
100void kfree(const void *); 101void kfree(const void *);
101size_t ksize(const void *); 102size_t ksize(const void *);