[PATCH] slab poisoning fix

The slab debugging code is supposed to poison freshly-allocated obejcts with 0x5a and freed ones with 0x6b, so we can distinguish use-uninitialised from use-after-free. It wasn't working right for recycled objects. Fix.

[PATCH] slab poisoning fix
The slab debugging code is supposed to poison freshly-allocated obejcts with 0x5a and freed ones with 0x6b, so we can distinguish use-uninitialised from use-after-free. It wasn't working right for recycled objects. Fix.
237d5bd7 · Andrew Morton · Linus Torvalds · 919a670d · 237d5bd7
Commit 237d5bd7 authored Jun 20, 2003 by Andrew Morton Committed by Linus Torvalds Jun 20, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

mm/slab.c mm/slab.c +3 -1

No files found.
--- a/mm/slab.c
+++ b/mm/slab.c
@@ -1745,8 +1745,10 @@ cache_alloc_debugcheck_after(kmem_cache_t *cachep,

 	if (!objp)	
 		return objp;
-	if (cachep->flags & SLAB_POISON)
+	if (cachep->flags & SLAB_POISON) {
 		check_poison_obj(cachep, objp);
+ 		poison_obj(cachep, objp, POISON_BEFORE);
+	}
 	if (cachep->flags & SLAB_STORE_USER) {
 		objlen -= BYTES_PER_WORD;
 		*((void **)(objp+objlen)) = caller;