]> git.ipfire.org Git - thirdparty/mdadm.git/commitdiff
projects / thirdparty / mdadm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d8b0173)
Assemble: set devices to NULL when load_devices can't load device
authorGuoqing Jiang <gqjiang@suse.com>
Mon, 27 Aug 2018 03:10:52 +0000 (11:10 +0800)
committerJes Sorensen <jsorensen@fb.com>
Thu, 27 Sep 2018 14:30:19 +0000 (10:30 -0400)
Since load_devices frees "devices" when it can't find any
device, we should set it to NULL to avoid double free issue
which can be reproduced by below steps:

mdadm -CR /dev/md/vol -l0 -e 1.2 -n2 /dev/sd[b-c] --assume-clean
mdadm -Ss
mdadm -A /dev/md127 /dev/sd[b-c] --update metadata

Reported-by: Tkaczyk Mariusz <mariusz.tkaczyk@intel.com>
Tested-by: Tkaczyk Mariusz <mariusz.tkaczyk@intel.com>
Signed-off-by: Guoqing Jiang <gqjiang@suse.com>
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Assemble.c patch | blob | blame | history

diff --git a/Assemble.c b/Assemble.c
index 02641900420ce18210e66cca8a780da0984d1986..a79466c6cf0c1ba570cf3fc8e0d4d1ea78cc825c 100644 (file)
--- a/Assemble.c
+++ b/Assemble.c
@@ -1539,6 +1539,11 @@ try_again:
                              &most_recent, &bestcnt, &best, inargv);
        if (devcnt < 0) {
                mdfd = -3;
+               /*
+                * devices is already freed in load_devices, so set devices
+                * to NULL to avoid double free devices.
+                */
+               devices = NULL;
                goto out;
        }
 
Unnamed repository; edit this file 'description' to name the repository.