From: Aaron Miller
Date: Tue, 6 Jun 2017 02:02:50 +0000 (-0700)
Subject: fix use-after-free in pci.ids parsing
X-Git-Tag: v1.4~51^2
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=8a0591ee168e0232621858e202835f7ab00fe17b;p=users%2Fsagi%2Fnvme-cli.git

fix use-after-free in pci.ids parsing

If a device that is not in pci.ids has its name looked up after a device that *was* present in pci.ids, these pointers are still set even though they've been free'd, and then get passed to snprintf resulting in a use-after-free.
---

diff --git a/nvme-models.c b/nvme-models.c
index e55e7b07..c2b16c33 100644
--- a/nvme-models.c
+++ b/nvme-models.c
@@ -32,11 +32,17 @@ static char *class_final;
 static void free_all(void)
 {
 free(device_top);
+ device_top = NULL;
 free(device_mid);
+ device_mid = NULL;
 free(device_final);
+ device_final = NULL;
 free(class_top);
+ class_top = NULL;
 free(class_mid);
+ class_mid = NULL;
 free(class_final);
+ class_final = NULL;
 }
 
 static char *find_data(char *data)
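Review bot: free_all() carries no comment recording why each pointer is reset after `free()`, and the fix only holds if every reader of these file-scope globals treats NULL as "no entry found". I would add above the function: `/* These globals persist across lookups; reset them to NULL so a later lookup that matches nothing in pci.ids cannot see freed pointers. */`. The consumers (the snprintf call named in the commit message) are outside this hunk, so it is worth confirming they test each pointer for NULL before formatting it with `%s`, since passing a null pointer there is undefined behaviour in standard C.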