Skip to content

Commit

Permalink
aio: nullify aio->ring_pages after freeing it
Browse files Browse the repository at this point in the history
After freeing ring_pages we leave it as is causing a dangling pointer. This
has already caused an issue so to help catching any issues in the future
NULL it out.

Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Benjamin LaHaise <[email protected]>
  • Loading branch information
sashalevin authored and bcrl committed Nov 19, 2013
1 parent d558023 commit ddb8c45
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion fs/aio.c
Original file line number Diff line number Diff line change
Expand Up @@ -196,8 +196,10 @@ static void aio_free_ring(struct kioctx *ctx)

put_aio_ring_file(ctx);

if (ctx->ring_pages && ctx->ring_pages != ctx->internal_pages)
if (ctx->ring_pages && ctx->ring_pages != ctx->internal_pages) {
kfree(ctx->ring_pages);
ctx->ring_pages = NULL;
}
}

static int aio_ring_mmap(struct file *file, struct vm_area_struct *vma)
Expand Down

0 comments on commit ddb8c45

Please sign in to comment.