cifs: Possible slab memory corruption while updating extended stats (repost)
Updating extended statistics here can cause slab memory corruption if a callback function frees slab memory (mid_entry). Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
76429c148b
commit
64474bdd07
|
@ -633,11 +633,11 @@ incomplete_rcv:
|
||||||
mid_entry->largeBuf = isLargeBuf;
|
mid_entry->largeBuf = isLargeBuf;
|
||||||
multi_t2_fnd:
|
multi_t2_fnd:
|
||||||
mid_entry->midState = MID_RESPONSE_RECEIVED;
|
mid_entry->midState = MID_RESPONSE_RECEIVED;
|
||||||
list_del_init(&mid_entry->qhead);
|
|
||||||
mid_entry->callback(mid_entry);
|
|
||||||
#ifdef CONFIG_CIFS_STATS2
|
#ifdef CONFIG_CIFS_STATS2
|
||||||
mid_entry->when_received = jiffies;
|
mid_entry->when_received = jiffies;
|
||||||
#endif
|
#endif
|
||||||
|
list_del_init(&mid_entry->qhead);
|
||||||
|
mid_entry->callback(mid_entry);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
mid_entry = NULL;
|
mid_entry = NULL;
|
||||||
|
|
Loading…
Reference in New Issue