Skip to content

Commit

Permalink
fix use-after-free in iser_conn_free()
Browse files Browse the repository at this point in the history 
In iser_conn_free() lines 1356-1357:

free(conn);
dprintf("conn:%p freed\n", &conn->h);
	
So we free conn structure, than use it. Obviously should be visa versa.
  • Loading branch information
@AndrewV666
AndrewV666 committed Jul 18, 2022
1 parent a6bd1f0 commit 646aa73
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion usr/iscsi/iser.c
View file
Expand Up @@ -1353,8 +1353,8 @@ void iser_conn_free(struct iser_conn *conn)
free(conn->self_name);

conn->h.state = STATE_INIT;
free(conn);
dprintf("conn:%p freed\n", &conn->h);
free(conn);
}

static void iser_sched_conn_free(struct event_data *evt)
Expand Down

0 comments on commit 646aa73

Please sign in to comment.