Re: [PATCH] usb: gadget: configfs: Fix use-after-free issue with udc_name

On 20-07-16 14:41:06, Macpaul Lin wrote: > There is a use-after-free issue, if access udc_name > in function gadget_dev_desc_UDC_store after another context > free udc_name in function unregister_gadget. > > Contex 1: %s/contex/context > gadget_dev_desc_UDC_store()->unregister_gadget()-> > free

[PATCH] usb: gadget: configfs: Fix use-after-free issue with udc_name

There is a use-after-free issue, if access udc_name in function gadget_dev_desc_UDC_store after another context free udc_name in function unregister_gadget. Contex 1: gadget_dev_desc_UDC_store()->unregister_gadget()-> free udc_name->set udc_name to NULL Contex 2: gadget_dev_desc_UDC_show()-> acce