fix double free caused by freeing link af_data in rtnl_link_set_family()
Introduced by commit 8026fe2e3a ("link:
Free and realloc af specific data upon rtnl_link_set_family()")
link->l_af_data[link->l_af_ops->ao_family] is freed here but not set to
zero. That leads to double free made by link_free_data->do_foreach_af.
Fix this by setting link->l_af_data[link->l_af_ops->ao_family] to zero
rigth after free.
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
This commit is contained in:
Jiri Pirko
Thomas Graf
parent
0eb665c693
commit
6f37b439af
1 changed files with 3 additions and 1 deletions
|
|
@ -1762,9 +1762,11 @@ void rtnl_link_set_family(struct rtnl_link *link, int family)
|
|||
link->l_family = family;
|
||||
link->ce_mask |= LINK_ATTR_FAMILY;
|
||||
|
||||
if (link->l_af_ops)
|
||||
if (link->l_af_ops) {
|
||||
af_free(link, link->l_af_ops,
|
||||
link->l_af_data[link->l_af_ops->ao_family], NULL);
|
||||
link->l_af_data[link->l_af_ops->ao_family] = NULL;
|
||||
}
|
||||
|
||||
link->l_af_ops = af_lookup_and_alloc(link, family);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue