31 Jul
2024
31 Jul
'24
8:34 a.m.
On Wed, 31 Jul 2024 15:02:06 +0800, David Gow wrote:
kunit_driver_create() accepts a name for the driver, but does not copy it, so if that name is either on the stack, or otherwise freed, we end up with a use-after-free when the driver is cleaned up.
Instead, strdup() the name, and manage it as another KUnit allocation.
[ ... ]
Reviewed-by: Maxime Ripard mripard@kernel.org
Thanks! Maxime