From b2081a0f39bce45b3d1cf063308a9b77712f1a9f Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Mon, 17 Feb 2020 20:13:49 -0500 Subject: [PATCH] Fix: directory-handle: use of free'd handle on fstat() error MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit On an error to fstat a directory handle, a directory handle is released and is still initialized as if the error had not occurred. Return NULL early from lttng_directory_handle_create_from_dirfd() to prevent those erroneous accesses. Signed-off-by: Jérémie Galarneau Change-Id: Ia2a3bb1cfe8c90d3f7f87a68286a9b8524694d3c
---
 src/common/compat/directory-handle.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/src/common/compat/directory-handle.c b/src/common/compat/directory-handle.c
index 9d2fed463..a790c5b79 100644
--- a/src/common/compat/directory-handle.c
+++ b/src/common/compat/directory-handle.c
@@ -164,6 +164,8 @@ struct lttng_directory_handle *lttng_directory_handle_create_from_dirfd(
 if (ret) {
 PERROR("Failed to fstat directory file descriptor %i", dirfd);
 lttng_directory_handle_release(&handle->ref);
+ handle = NULL;
+ goto end;
 }
 } else {
 handle->directory_inode = RESERVED_AT_FDCWD_INO;
-- 2.34.1
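Review bot: The fstat() error path around `handle = NULL; goto end;` still leaves open who owns `dirfd` after a failure, because `lttng_directory_handle_release(&handle->ref)` runs on a handle that appears to be only partly set up at this point, and the hunk does not show whether that release closes a descriptor. If it does, a caller that also closes `dirfd` on a NULL return would close it twice, or the release could close an unrelated descriptor if the handle's descriptor field has not been assigned yet. Once the behaviour is confirmed, I would state the contract next to the error branch, for example `/* On failure dirfd is not consumed; the caller must close it. */`, or the opposite wording if the release does take the descriptor. The function starts and ends outside the hunk, so the allocation of `handle` and the `end:` label are not visible here.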