diff options
author | dumbbell <dumbbell@FreeBSD.org> | 2008-01-24 17:10:19 +0000 |
---|---|---|
committer | dumbbell <dumbbell@FreeBSD.org> | 2008-01-24 17:10:19 +0000 |
commit | ba3df23cb8fa4355a16820390afdd590e0a58be7 (patch) | |
tree | 7068fef549babbf1bf671437caf732a4825b963a /LOCKS | |
parent | 17d99001fab69e948489158a3aa6caf948b0b996 (diff) | |
download | FreeBSD-src-ba3df23cb8fa4355a16820390afdd590e0a58be7.zip FreeBSD-src-ba3df23cb8fa4355a16820390afdd590e0a58be7.tar.gz |
When asked to use kqueue, AIO stores its internal state in the
`kn_sdata' member of the newly registered knote. The problem is that
this member is overwritten by a call to kevent(2) with the EV_ADD flag,
targetted at the same kevent/knote. For instance, a userland application
may set the pointer to NULL, leading to a panic.
A testcase was provided by the submitter.
PR: kern/118911
Submitted by: MOROHOSHI Akihiko <moro@remus.dti.ne.jp>
MFC after: 1 day
Diffstat (limited to 'LOCKS')
0 files changed, 0 insertions, 0 deletions