projects / platform / kernel / linux-stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fccbf06)
libceph: fix NULL dereference in reset_connection()
authorDan Carpenter <dan.carpenter@oracle.com>
Tue, 19 Jun 2012 13:52:33 +0000 (08:52 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 26 Nov 2012 19:38:25 +0000 (11:38 -0800)
(cherry picked from commit 26ce171915f348abd1f41da1ed139d93750d987f)

We dereference "con->in_msg" on the line after it was set to NULL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Alex Elder <elder@inktank.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/ceph/messenger.c patch | blob | history

diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c
index 59e418b..7e20896 100644 (file)
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -440,7 +440,7 @@ static void reset_connection(struct ceph_connection *con)
                con->in_msg->con = NULL;
                ceph_msg_put(con->in_msg);
                con->in_msg = NULL;
-               ceph_con_put(con->in_msg->con);
+               ceph_con_put(con);
        }
 
        con->connect_seq = 0;
Domain: System / Kernel;