[ofa-general] Re: [PATCHv3] opensm/osm_lash: Fix use after free problem in osm_mesh_node_delete
Sasha Khapyorsky
sashak at voltaire.com
Sun Aug 2 04:16:01 PDT 2009
On 06:53 Sun 02 Aug , Hal Rosenstock wrote:
> diff --git a/opensm/opensm/osm_ucast_lash.c b/opensm/opensm/osm_ucast_lash.c
> index 1c55a90..cf8e793 100644
> --- a/opensm/opensm/osm_ucast_lash.c
> +++ b/opensm/opensm/osm_ucast_lash.c
> @@ -5,6 +5,7 @@
> * Copyright (c) 2007 Simula Research Laboratory. All rights reserved.
> * Copyright (c) 2007 Silicon Graphics Inc. All rights reserved.
> * Copyright (c) 2008,2009 System Fabric Works, Inc. All rights reserved.
> + * Copyright (c) 2009 HNR Consulting. All rights reserved.
> *
> * This software is available to you under a choice of one of two
> * licenses. You may choose to be licensed under the terms of the GNU
> @@ -659,6 +660,18 @@ static void switch_delete(lash_t *p_lash, switch_t * sw)
> free(sw);
> }
>
> +static void delete_switches(lash_t *p_lash)
Would delete_mesh_switches() (or cleanup_mesh*()) be a better name? It
doesn't delete lash's switches, only mesh nodes.
> +{
> + if (p_lash->switches) {
> + unsigned id;
> + for (id = 0; ((int)id) < p_lash->num_switches; id++)
> + if (p_lash->switches[id])
> + osm_mesh_node_delete(p_lash,
> + p_lash->switches[id]);
> + }
> +}
> +
> +
> static void free_lash_structures(lash_t * p_lash)
> {
> unsigned int i, j, k;
> @@ -1219,7 +1232,7 @@ static int lash_process(void *context)
>
> return_status = discover_network_properties(p_lash);
discover_network_properties() can fail in a middle of allocations and
full clean is desired anyway. It should be safe to 'goto Exit' below
since mesh node deletion is protected against not yet initialized input.
Sasha
> if (return_status != IB_SUCCESS)
> - goto Exit;
> + goto Exit2;
>
> return_status = init_lash_structures(p_lash);
> if (return_status != IB_SUCCESS)
> @@ -1234,6 +1247,9 @@ static int lash_process(void *context)
> populate_fwd_tbls(p_lash);
>
> Exit:
> + delete_switches(p_lash);
> +
> +Exit2:
> if (p_lash->vl_min)
> free_lash_structures(p_lash);
> OSM_LOG_EXIT(p_log);
>
More information about the general
mailing list