netifd: Fix device usage after free

Prevent new device from being freed in device_replace when
device_unlock is called along the function chain triggered
by setting the old device as not present

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

diff --git a/device.c b/device.c
index 6f31e36..59a57f4 100644 (file)
--- a/device.c
+++ b/device.c
@@ -704,6 +704,7 @@ device_replace(struct device *dev, struct device *odev)
        struct device_user *dep, *tmp;
        bool present = odev->present;
 
        struct device_user *dep, *tmp;
        bool present = odev->present;
 

+       __devlock++;

        if (present)
                device_set_present(odev, false);
 
        if (present)
                device_set_present(odev, false);
 


@@ -713,6 +714,8 @@ device_replace(struct device *dev, struct device *odev)
                safe_list_add(&dep->list, &dev->users);
                dep->dev = dev;
        }
                safe_list_add(&dep->list, &dev->users);
                dep->dev = dev;
        }

+       __devlock--;
+

        device_free(odev);
 
        if (present)
        device_free(odev);
 
        if (present)