linux_dsm_epyc7002/drivers/vhost
Stefan Hajnoczi 3fda5d6e58 vhost/vsock: fix vhost virtio_vsock_pkt use-after-free
Stash the packet length in a local variable before handing over
ownership of the packet to virtio_transport_recv_pkt() or
virtio_transport_free_pkt().

This patch solves the use-after-free since pkt is no longer guaranteed
to be alive.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-08-09 13:42:37 +03:00
..
Kconfig vhost: split out vringh Kconfig 2016-08-02 16:54:28 +03:00
Kconfig.vringh vhost: split out vringh Kconfig 2016-08-02 16:54:28 +03:00
Makefile VSOCK: Add Makefile and Kconfig 2016-08-02 02:57:30 +03:00
net.c virtio/vhost: new features for 4.8 2016-08-06 09:20:13 -04:00
scsi.c target: make close_session optional 2016-05-10 01:19:26 -07:00
test.c vhost: rename vhost_init_used() 2016-03-02 17:02:04 +02:00
test.h vhost test module 2010-12-09 16:00:21 +02:00
vhost.c vhost: detect 32 bit integer wrap around 2016-08-02 16:54:28 +03:00
vhost.h vhost: new device IOTLB API 2016-08-02 16:53:54 +03:00
vringh.c vringh: update for virtio 1.0 APIs 2014-12-15 23:49:28 +02:00
vsock.c vhost/vsock: fix vhost virtio_vsock_pkt use-after-free 2016-08-09 13:42:37 +03:00