shmem: don't unmap a memrory region in restore_shmem_content()

This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr.
avagin · Oct 31, 2014 · 41e476e · 41e476e
1 parent ff521e2
commit 41e476e
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/shmem.c b/shmem.c
@@ -129,7 +129,7 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
 
 	ret = open_page_read(si->shmid, &pr, opts.auto_dedup ? O_RDWR : O_RSTR, true);
 	if (ret)
-		goto err_unmap;
+		return -1;
 
 	fd_pg = img_raw_fd(pr.pi);
 	while (1) {
@@ -168,9 +168,6 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
 
 	pr.close(&pr);
 	return ret;
-err_unmap:
-	munmap(addr,  si->size);
-	return -1;
 }
 
 int get_shmem_fd(int pid, VmaEntry *vi)