From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000 (+0000)
Subject: slabtop: Reset slab_list if get_slabinfo() fails.
X-Git-Tag: v3.3.15~132
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5f3c071cd3119f3aaedb2de44ca360b48aa486fa;p=procps-ng

slabtop: Reset slab_list if get_slabinfo() fails.

Otherwise "the state of 'list' and 'stats' are undefined" (as per
get_slabinfo()'s documentation) and free_slabinfo() crashes (a
use-after-free).
---

diff --git a/slabtop.c b/slabtop.c
index 80be0a9d..b7b0647b 100644
--- a/slabtop.c
+++ b/slabtop.c
@@ -364,6 +364,7 @@ int main(int argc, char *argv[])
 		memset(&stats, 0, sizeof(struct slab_stat));
 
 		if (get_slabinfo(&slab_list, &stats)) {
+			slab_list = NULL;
 			retval = EXIT_FAILURE;
 			break;
 		}
@@ -436,7 +437,8 @@ int main(int argc, char *argv[])
 
 	if (is_tty)
 		tcsetattr(STDIN_FILENO, TCSAFLUSH, &saved_tty);
-	free_slabinfo(slab_list);
+	if (slab_list)
+		free_slabinfo(slab_list);
 	if (!run_once)
 		endwin();
 	return retval;