From 10e0246a91f486c8e56e38c8fd894c3fa911d308 Mon Sep 17 00:00:00 2001
From: liuh <liuhuan01@kylinos.cn>
Date: Thu, 18 Apr 2024 14:31:12 +0800
Subject: [PATCH] mdadm: Fix double free

(cherry picked from commit 5a7e659b169ae09f81f230734af428a5cfe5cc72)
---
 0015-mdadm-Fix-double-free.patch | 33 ++++++++++++++++++++++++++++++++
 mdadm.spec                       |  6 +++++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 0015-mdadm-Fix-double-free.patch

diff --git a/0015-mdadm-Fix-double-free.patch b/0015-mdadm-Fix-double-free.patch
new file mode 100644
index 0000000..903bdda
--- /dev/null
+++ b/0015-mdadm-Fix-double-free.patch
@@ -0,0 +1,33 @@
+From 5ce5a15f0bf007e850e15259bba4f53736605fb2 Mon Sep 17 00:00:00 2001
+From: Lukasz Florczak <lukasz.florczak@linux.intel.com>
+Date: Fri, 25 Mar 2022 12:48:59 +0100
+Subject: mdadm: Fix double free
+
+If there was a size mismatch after creation it would get fixed on grow
+in imsm_fix_size_mismatch(), but due to double free "double free or corruption (fasttop)"
+error occurs and grow cannot proceed.
+
+Signed-off-by: Lukasz Florczak <lukasz.florczak@linux.intel.com>
+Signed-off-by: Jes Sorensen <jsorensen@fb.com>
+---
+ super-intel.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/super-intel.c b/super-intel.c
+index 5ffa7636..6ff336ee 100644
+--- a/super-intel.c
++++ b/super-intel.c
+@@ -11783,9 +11783,8 @@ static int imsm_fix_size_mismatch(struct supertype *st, int subarray_index)
+ 			st->update_tail = &st->updates;
+ 		} else {
+ 			imsm_sync_metadata(st);
++			free(update);
+ 		}
+-
+-		free(update);
+ 	}
+ 	ret_val = 0;
+ exit:
+-- 
+cgit 1.2.3-korg
+
diff --git a/mdadm.spec b/mdadm.spec
index 3de7dfe..858cac8 100644
--- a/mdadm.spec
+++ b/mdadm.spec
@@ -1,6 +1,6 @@
 Name:     mdadm
 Version:  4.2
-Release:  11
+Release:  12
 Summary:  The software RAID arrays user manage tools
 License:  GPLv2+
 URL:      http://www.kernel.org/pub/linux/utils/raid/mdadm/
@@ -24,6 +24,7 @@ Patch11: 0011-Manage-Block-unsafe-member-failing.patch
 Patch12: 0012-Manage-do-not-check-array-state-when-drive-is-remove.patch
 Patch13: 0013-incremental-manage-do-not-verify-if-remove-is-safe.patch
 Patch14: 0014-Fix-race-of-mdadm-add-and-mdadm-incremental.patch
+Patch15: 0015-mdadm-Fix-double-free.patch
 
 BuildRequires:    systemd gcc binutils libudev-devel
 
@@ -90,6 +91,9 @@ install -d -m 710 %{buildroot}/var/run/mdadm/
 %{_mandir}/man*/*
 
 %changelog
+* Thu Apr 18 2024 liuh <liuhuan01@kylinos.cm> - 4.2-12
+- sync patch from community
+
 * Tue Dec 19 2023 wuguanghao <wuguanghao3@huawei.com> - 4.2-11
 - Fix race of "mdadm --add" and "mdadm --incremental"
 
-- 
Gitee