[ltt-dev] [PATCH] Fix use after free of name_tables
Benjamin Poirier
benjamin.poirier at polymtl.ca
Tue Sep 1 14:49:34 EDT 2009
Pierre-Marc Fournier wrote:
> Benjamin Poirier wrote:
>> Signed-off-by: Benjamin Poirier <benjamin.poirier at polymtl.ca>
>> ---
>> lttv/lttv/state.c | 4 ++--
>> 1 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/lttv/lttv/state.c b/lttv/lttv/state.c
>> index 8b5f3e7..fc49ffc 100644
>> --- a/lttv/lttv/state.c
>> +++ b/lttv/lttv/state.c
>> @@ -2128,8 +2128,8 @@ free_name_tables(LttvTraceState *tcs)
>> if(name_tables->trap_names) g_free(name_tables->trap_names);
>> if(name_tables->irq_names) g_free(name_tables->irq_names);
>> if(name_tables->soft_irq_names) g_free(name_tables->soft_irq_names);
>> - if(name_tables) g_free(name_tables);
>> - if(name_tables) g_hash_table_destroy(name_tables->kprobe_hash);
>> + g_hash_table_destroy(name_tables->kprobe_hash);
>
> Please explain what allows you to safely remove the if() for this
> g_hash_table_destroy() call.
LttvNameTables are created by create_name_tables(). Some name_tables
members may be NULL because they are conditionally initialized.
kprobe_hash on the other hand is always initialized. The condition will
always be true.
>
>> + g_free(name_tables);
>> }
>>
>> #ifdef HASH_TABLE_DEBUG
>
More information about the lttng-dev
mailing list