[haiku-bugs] [Haiku] #13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free

From: "mt" <trac@xxxxxxxxxxxx>
Date: Mon, 13 Mar 2017 06:49:55 -0000

#13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free
--------------------------------+------------------------------
Reporter:  mt                  |        Owner:  axeld
     Type:  bug                 |       Status:  new
Priority:  normal              |    Milestone:  Unscheduled
Component:  System/Boot Loader  |      Version:  R1/Development
Keywords:                      |   Blocked By:
Blocking:                      |  Has a Patch:  0
Platform:  All                 |
--------------------------------+------------------------------
Since Node::Close() calls Node::Release() [1], dir->directory->Close() at
line 1206 [2] could delete dir->directory itself, and then dir->directory
may be used after free at next line 1207.

[1] http://cgit.haiku-
os.org/haiku/tree/src/system/boot/loader/vfs.cpp#n111

[2] http://cgit.haiku-
os.org/haiku/tree/src/system/boot/loader/vfs.cpp#n1206

--
Ticket URL: <https://dev.haiku-os.org/ticket/13375>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.

Follow-Ups:
- [haiku-bugs] Re: [Haiku] #13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free
  - From: mt
- [haiku-bugs] Re: [Haiku] #13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free
  - From: mt
- [haiku-bugs] Re: [Haiku] #13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free
  - From: axeld

[haiku-bugs] [Haiku] #13375: [PATCH] system/boot/loader/vfs.cpp: fix use after free

Other related posts: