mirror_zfs/module
Chunwei Chen cce83ba0ec Fix use-after-free in taskq_seq_show_impl
taskq_seq_show_impl walks the tq_active_list to show the tqent_func and
tqent_arg. However, for taskq_dispatch_ent, it's very likely that the
task entry will be freed during the function call, causing a
use-after-free bug.

To fix this, we duplicate the task entry to an on-stack struct, and
assign it instead to tqt_task. This way, the tq_lock alone will
guarantee its safety.

Reviewed-by: Tim Chase <tim@chase2k.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
Closes #638
Closes #640
2017-08-04 09:57:58 -07:00
spl Fix use-after-free in taskq_seq_show_impl 2017-08-04 09:57:58 -07:00
splat Linux 4.13 compat: wait queues 2017-07-23 19:32:14 -07:00
.gitignore Improve gitignore 2017-05-25 10:12:50 -07:00
Makefile.in Prevent rm modules.* when make install 2015-12-02 14:38:20 -08:00