[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 08/14] proc: fix a use-after-free error
From: |
Justus Winter |
Subject: |
[PATCH 08/14] proc: fix a use-after-free error |
Date: |
Fri, 8 Nov 2013 21:24:16 +0100 |
If we have to create a new process group, we have to do this before
leaving the current one. The current process group is deallocated if
the process is the last process in that group. Likewise, if the
current group was the last group in the current groups session, the
session is deallocated.
Found using the Clang Static Analyzer.
* proc/pgrp.c (S_proc_setpgrp): Fix use-after-free error.
---
proc/pgrp.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/proc/pgrp.c b/proc/pgrp.c
index d4ea9ee..a828e17 100644
--- a/proc/pgrp.c
+++ b/proc/pgrp.c
@@ -341,8 +341,14 @@ S_proc_setpgrp (struct proc *callerp,
if (p->p_pgrp != pg)
{
+ /* If we have to create a new pgrp, we have to do this before
+ leaving the current one. p->p_pgrp is deallocated if p is
+ the last process in that group. Likewise, if p->p_pgrp was
+ the last group in p->p_pgrp->pg_session, the session is
+ deallocated. */
+ struct pgrp *new = pg ? pg : new_pgrp (pgid, p->p_pgrp->pg_session);
leave_pgrp (p);
- p->p_pgrp = pg ? pg : new_pgrp (pgid, p->p_pgrp->pg_session);
+ p->p_pgrp = new;
join_pgrp (p);
}
else
--
1.7.10.4
- [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, (continued)
- [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Justus Winter, 2013/11/08
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Ludovic Courtès, 2013/11/08
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Justus Winter, 2013/11/09
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Richard Braun, 2013/11/09
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Justus Winter, 2013/11/09
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Ludovic Courtès, 2013/11/09
- Re: [PATCH 06/14] proc: turn {init, add}str, compare_versions into normal functions, Samuel Thibault, 2013/11/09
[PATCH 03/14] proc: remove declaration of nested functions from proc.h, Justus Winter, 2013/11/08
[PATCH 05/14] proc: turn reap into a normal function, Justus Winter, 2013/11/08
[PATCH 08/14] proc: fix a use-after-free error,
Justus Winter <=
[PATCH 13/14] mach-defpager: include errno.h, Justus Winter, 2013/11/08
[PATCH 02/14] libtrivfs: improve the out of memory handling in add_el, Justus Winter, 2013/11/08
[PATCH 12/14] mach-defpager: turn dealloc_direct into a normal function, Justus Winter, 2013/11/08
Re: [PATCH 01/14] term: fix error handling in hurdio_mdmctl, Samuel Thibault, 2013/11/09