Re: [PATCH] async: avoid use-after-free on re-entrancy guard

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] async: avoid use-after-free on re-entrancy guard

From:	Stefan Hajnoczi
Subject:	Re: [PATCH] async: avoid use-after-free on re-entrancy guard
Date:	Tue, 2 May 2023 07:40:34 -0400

On Mon, May 01, 2023 at 10:19:56AM -0400, Alexander Bulekov wrote:
> A BH callback can free the BH, causing a use-after-free in aio_bh_call.
> Fix that by keeping a local copy of the re-entrancy guard pointer.
> 
> Buglink: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58513
> Fixes: 9c86c97f12 ("async: Add an optional reentrancy guard to the BH API")
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
>  util/async.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] async: avoid use-after-free on re-entrancy guard, Alexander Bulekov, 2023/05/01
- Re: [PATCH] async: avoid use-after-free on re-entrancy guard, Thomas Huth, 2023/05/02
- Re: [PATCH] async: avoid use-after-free on re-entrancy guard, Stefan Hajnoczi <=

Prev by Date: Re: QMP (without OOB) function running in thread different from the main thread as part of aio_poll
Next by Date: Re: QMP (without OOB) function running in thread different from the main thread as part of aio_poll
Previous by thread: Re: [PATCH] async: avoid use-after-free on re-entrancy guard
Next by thread: Re: [PATCH v4 04/20] virtio-scsi: stop using aio_disable_external() during unplug
Index(es):
- Date
- Thread