[Bug 264469] net/mlx4_core: fix a use-after-free

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264469] net/mlx4_core: fix a use-after-free"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264469] net/mlx4_core: fix a use-after-free"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 05 Jun 2022 09:49:12 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264469

            Bug ID: 264469
           Summary: net/mlx4_core: fix a use-after-free
           Product: Base System
           Version: Unspecified
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: ruc_gongyuanjun@163.com

Created attachment 234460
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=234460&action=edit
a possible patch

mlx4_QP_FLOW_STEERING_DETACH_wrapper first removes the rrule and then
references qpn field in rrule. The memory of rrule might be
reallocated, making the pqn field different. Fix this by saving qpn in
a local variable.

-- 
You are receiving this mail because:
You are the assignee for the bug.