[PATCH] uml: make daemon transport behave properly
authorPaolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Thu, 19 Jan 2006 01:42:53 +0000 (17:42 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Thu, 19 Jan 2006 03:20:20 +0000 (19:20 -0800)
Avoid uninitialized data in the daemon_data structure.  I used this transport
before doing proper setup before-hand, and I got some very nice SLAB
corruption due to freeing crap pointers.  So just make sure to clear
everything when appropriate.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
arch/um/drivers/daemon_kern.c
arch/um/drivers/daemon_user.c

index 30d285b266af5cea7736d98c9c690d41f50f7de7..507e3cbac9d38a281d357f4c40c86309ce585f9e 100644 (file)
@@ -31,6 +31,10 @@ void daemon_init(struct net_device *dev, void *data)
        dpri->fd = -1;
        dpri->control = -1;
        dpri->dev = dev;
+       /* We will free this pointer. If it contains crap we're burned. */
+       dpri->ctl_addr = NULL;
+       dpri->data_addr = NULL;
+       dpri->local_addr = NULL;
 
        printk("daemon backend (uml_switch version %d) - %s:%s", 
               SWITCH_VERSION, dpri->sock_type, dpri->ctl_sock);
index 1bb085b2824d19e25e88ce4e931bcfba25f07a76..c944265955e203f9a11892f2283e3900aebcef11 100644 (file)
@@ -158,10 +158,16 @@ static void daemon_remove(void *data)
        struct daemon_data *pri = data;
 
        os_close_file(pri->fd);
+       pri->fd = -1;
        os_close_file(pri->control);
+       pri->control = -1;
+
        kfree(pri->data_addr);
+       pri->data_addr = NULL;
        kfree(pri->ctl_addr);
+       pri->ctl_addr = NULL;
        kfree(pri->local_addr);
+       pri->local_addr = NULL;
 }
 
 int daemon_user_write(int fd, void *buf, int len, struct daemon_data *pri)