Commit af7c38c0 authored by zhangyi (F)'s avatar zhangyi (F) Committed by Kleber Sacilotto de Souza

tracing: Do not free iter->trace in fail path of tracing_open_pipe()

BugLink: https://bugs.launchpad.net/bugs/1822271

commit e7f0c424 upstream.

Commit d716ff71 ("tracing: Remove taking of trace_types_lock in
pipe files") use the current tracer instead of the copy in
tracing_open_pipe(), but it forget to remove the freeing sentence in
the error path.

There's an error path that can call kfree(iter->trace) after the iter->trace
was assigned to tr->current_trace, which would be bad to free.

Link: http://lkml.kernel.org/r/1550060946-45984-1-git-send-email-yi.zhang@huawei.com

Cc: stable@vger.kernel.org
Fixes: d716ff71 ("tracing: Remove taking of trace_types_lock in pipe files")
Signed-off-by: default avatarzhangyi (F) <yi.zhang@huawei.com>
Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
Acked-by: default avatarJuerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: default avatarKleber Sacilotto de Souza <kleber.souza@canonical.com>
parent 4089e271
...@@ -4646,7 +4646,6 @@ static int tracing_open_pipe(struct inode *inode, struct file *filp) ...@@ -4646,7 +4646,6 @@ static int tracing_open_pipe(struct inode *inode, struct file *filp)
return ret; return ret;
fail: fail:
kfree(iter->trace);
kfree(iter); kfree(iter);
__trace_array_put(tr); __trace_array_put(tr);
mutex_unlock(&trace_types_lock); mutex_unlock(&trace_types_lock);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment