[ewg] Re: [PATCH] libibumad: get_ca() can call release_ca() with uninitialized data

Sasha Khapyorsky sashak at voltaire.com
Tue Feb 3 06:01:10 PST 2009


On 11:53 Mon 02 Feb     , Ralph Campbell wrote:
> In umad.c, get_ca(), the error path when the call to
> scandir() fails calls release_ca(ca) when the structure
> has not yet been initialized. This can cause free() to
> be called on random memory addresses.
> The fix is to initialize ca->numports and ca->ports
> earlier in get_ca().
> 
> Signed-off-by: Ralph Campbell <ralph.campbell at qlogic.com>

Applied, Thanks.

Sasha



More information about the ewg mailing list