mirror of
https://github.com/brain-hackers/u-boot-brain
synced 2024-09-21 12:10:24 +09:00
CVE-2019-13105: ext4: fix double-free in ext4_cache_read
ext_cache_read doesn't null cache->buf, after freeing, which results in a later function double-freeing it. This patch fixes ext_cache_read to call ext_cache_fini instead of free. Signed-off-by: Paul Emge <paulemge@forallsecure.com>
This commit is contained in:
parent
232e2f4fd9
commit
6e5a79de65
@ -286,7 +286,7 @@ int ext_cache_read(struct ext_block_cache *cache, lbaint_t block, int size)
|
||||
if (!cache->buf)
|
||||
return 0;
|
||||
if (!ext4fs_devread(block, 0, size, cache->buf)) {
|
||||
free(cache->buf);
|
||||
ext_cache_fini(cache);
|
||||
return 0;
|
||||
}
|
||||
cache->block = block;
|
||||
|
Loading…
Reference in New Issue
Block a user