]> granicus.if.org Git - procps-ng/commitdiff
slabtop: Reset slab_list if get_slabinfo() fails.
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)
Otherwise "the state of 'list' and 'stats' are undefined" (as per
get_slabinfo()'s documentation) and free_slabinfo() crashes (a
use-after-free).

slabtop.c

index 80be0a9d79a58454d22e870fc687031f520e9192..b7b0647b8ac4e7b22643e3cb1b2aa34bab9a31c6 100644 (file)
--- a/slabtop.c
+++ b/slabtop.c
@@ -364,6 +364,7 @@ int main(int argc, char *argv[])
                memset(&stats, 0, sizeof(struct slab_stat));
 
                if (get_slabinfo(&slab_list, &stats)) {
+                       slab_list = NULL;
                        retval = EXIT_FAILURE;
                        break;
                }
@@ -436,7 +437,8 @@ int main(int argc, char *argv[])
 
        if (is_tty)
                tcsetattr(STDIN_FILENO, TCSAFLUSH, &saved_tty);
-       free_slabinfo(slab_list);
+       if (slab_list)
+               free_slabinfo(slab_list);
        if (!run_once)
                endwin();
        return retval;