Vladimir Sementsov-Ogievskiy <vsement...@virtuozzo.com> writes: > Hi all! > > I accidentally found use-after-free of local_err in mirror, and decided > to search for similar cases with help of small coccinelle script > (patch 01). Happily, there no many cases. > > Better to fix zero Error* pointer after each freeing everywhere, but > this is too much for 5.0 and most of these cases will be covered by > error-auto-propagation series. > > Note also, that there are still a lot of use-after-free cases possible > when error is not local variable but field of some structure, shared by > several functions.
I queued the part that hasn't been merged. Thanks!
