-
由 Rusty Russell 提交于
Impact: fix crash on reading from /sys/module/.../ieee80211_default_rc_algo The module_param type "charp" simply sets a char * pointer in the module to the parameter in the commandline string: this is why we keep the (mangled) module command line around. But when set via sysfs (as about 11 charp parameters can be) this memory is freed on the way out of the write(). Future reads hit random mem. So we kstrdup instead: we have to check we're not in early commandline parsing, and we have to note when we've used it so we can reliably kfree the parameter when it's next overwritten, and also on module unload. (Thanks to Randy Dunlap for CONFIG_SYSFS=n fixes) Reported-by: NSitsofe Wheeler <sitsofe@yahoo.com> Diagnosed-by: NFrederic Weisbecker <fweisbec@gmail.com> Tested-by: NFrederic Weisbecker <fweisbec@gmail.com> Tested-by: NChristof Schmitt <christof.schmitt@de.ibm.com> Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
e180a6b7