On Thu, Jul 21, 2005 at 02:56:07PM +1000, Nigel Cunningham wrote:
>
> +static int lzf_compress_init(void *context)
> +{
> + struct lzf_ctx *ctx = (struct lzf_ctx *)context;
> +
> + /* Get LZF ready to go */
> + ctx->hbuf = vmalloc_32((1 << hlog) * sizeof(char *));
Any reason why vmalloc can't be used?
> + /* Allocate local buffer */
> + ctx->local_buffer = (char *)get_zeroed_page(GFP_ATOMIC);
> + /* Allocate page buffer */
> + ctx->page_buffer = (char *)get_zeroed_page(GFP_ATOMIC);
Where are these two buffers used anyway?
> + if (!ctx->page_buffer) {
> + free_page((unsigned long)ctx->local_buffer);
> + lzf_compress_exit(ctx);
This is a double-free of local_buffer.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |