git.ipfire.org Git - thirdparty/grub.git/commit
net/dns: Prevent UAF and double free
author Lidong Chen <lidong.chen@oracle.com>
Tue, 21 Oct 2025 21:20:04 +0000 (21:20 +0000)
committer Daniel Kiper <daniel.kiper@oracle.com>
Fri, 24 Oct 2025 18:05:07 +0000 (20:05 +0200)
commit fadc94b919a2d35c3f81c3593004af14b4535701
tree 8bd4cf02cbd54ebe63b9725fbc44b0a67b08131d
parent cd24e259108aa433115345952f5b7ed918de0afa
net/dns: Prevent UAF and double free

In recv_hook(), *data->addresses is freed without being set to NULL.
Since *data->addresses can be cached in dns_cache[h].addresses, this
can lead to UAF or double free if dns_cache[h].addresses is accessed
or cleared later.

The fix sets *data->addresses to NULL after freeing to avoid a dangling
pointer.

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/net/dns.c
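
The dangling-pointer pattern the commit message describes, as an added example that is not GRUB's code: a simplified model in which a hook frees the caller's result slot on an error path and later code caches and then clears that slot. The names `buf_alloc`, `buf_free`, `hook`, `run` and `cache_entry` are hypothetical, and the tracking allocator is constructed so the stale pointer can be inspected without undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed tracking allocator: slots are never returned to the OS, so
   inspecting a "freed" slot here is well defined, unlike after real free(). */
struct buf { int live; };
static struct buf arena[4];
static int double_frees;

static struct buf *buf_alloc(void)
{
  for (size_t i = 0; i < sizeof arena / sizeof arena[0]; i++)
    if (!arena[i].live) { arena[i].live = 1; return &arena[i]; }
  return NULL;
}

/* Mirrors free(): NULL is a no-op, freeing a dead slot counts as a double free. */
static void buf_free(struct buf *b)
{
  if (b == NULL) return;
  if (!b->live) { double_frees++; return; }
  b->live = 0;
}

/* Hypothetical receive hook: allocates the result, then takes an error path. */
static void hook(struct buf **addresses, int null_after_free)
{
  *addresses = buf_alloc();
  buf_free(*addresses);            /* error path releases the result */
  if (null_after_free)
    *addresses = NULL;             /* the fix: leave no dangling pointer */
}

/* Returns bit 0 set if the cache held a freed pointer, bit 1 set if clearing
   the cache freed it a second time. */
static int run(int null_after_free)
{
  struct buf *result = NULL, *cache_entry;
  double_frees = 0;
  hook(&result, null_after_free);
  cache_entry = result;            /* later code caches the caller's slot */
  int stale = cache_entry != NULL && !cache_entry->live;
  buf_free(cache_entry);           /* cache entry cleared later */
  return stale | (double_frees ? 2 : 0);
}

int main(void)
{
  printf("without fix: %d, with fix: %d\n", run(0), run(1));
  return 0;
}
```

With the pointer set to NULL after the free, the cached value is NULL and the later clear is a no-op, which is why the one-line change closes both the use-after-free and the double free in this model.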