artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e248632) | patch
Call bufq_destroy() in mfs_reclaim() before freeing the mfsnode.
authorclaudio <claudio@openbsd.org>
Tue, 16 Apr 2024 10:04:41 +0000 (10:04 +0000)
committerclaudio <claudio@openbsd.org>
Tue, 16 Apr 2024 10:04:41 +0000 (10:04 +0000)
commit6434a2662ab1393315c379a172fdfd57a1b98f42
treeb129e1ab8fe545065f3356ae86b9f928b8f30b7ctree | snapshot
parente24863265e34f4cfb83c826c02d5349776140d42commit | diff
Call bufq_destroy() in mfs_reclaim() before freeing the mfsnode.
This fixes a use-after-free bug in bufq_quiesce() once a mfs partition
was unmounted.
OK mpi@ deraadt@
sys/ufs/mfs/mfs_vnops.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim