From c42791b6ec5453cd7910eac7bfdd88f27173f81c Mon Sep 17 00:00:00 2001 From: Paolo 'Blaisorblade' Giarrusso Date: Wed, 18 Jan 2006 17:42:53 -0800 Subject: [PATCH] [PATCH] uml: make daemon transport behave properly Avoid uninitialized data in the daemon_data structure. I used this transport before doing proper setup before-hand, and I got some very nice SLAB corruption due to freeing crap pointers. So just make sure to clear everything when appropriate. Signed-off-by: Paolo 'Blaisorblade' Giarrusso Cc: Jeff Dike Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- arch/um/drivers/daemon_kern.c | 4 ++++ arch/um/drivers/daemon_user.c | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/arch/um/drivers/daemon_kern.c b/arch/um/drivers/daemon_kern.c index 30d285b266a..507e3cbac9d 100644 --- a/arch/um/drivers/daemon_kern.c +++ b/arch/um/drivers/daemon_kern.c @@ -31,6 +31,10 @@ void daemon_init(struct net_device *dev, void *data) dpri->fd = -1; dpri->control = -1; dpri->dev = dev; + /* We will free this pointer. If it contains crap we're burned. */ + dpri->ctl_addr = NULL; + dpri->data_addr = NULL; + dpri->local_addr = NULL; printk("daemon backend (uml_switch version %d) - %s:%s", SWITCH_VERSION, dpri->sock_type, dpri->ctl_sock); diff --git a/arch/um/drivers/daemon_user.c b/arch/um/drivers/daemon_user.c index 1bb085b2824..c944265955e 100644 --- a/arch/um/drivers/daemon_user.c +++ b/arch/um/drivers/daemon_user.c @@ -158,10 +158,16 @@ static void daemon_remove(void *data) struct daemon_data *pri = data; os_close_file(pri->fd); + pri->fd = -1; os_close_file(pri->control); + pri->control = -1; + kfree(pri->data_addr); + pri->data_addr = NULL; kfree(pri->ctl_addr); + pri->ctl_addr = NULL; kfree(pri->local_addr); + pri->local_addr = NULL; } int daemon_user_write(int fd, void *buf, int len, struct daemon_data *pri) -- 2.41.1