| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 01 May 2014 23:46:57 +0200
From: Jes Sorensen <Jes.Sorensen@...hat.com>
To: Christian Engelmayer <cengelma@....at>
Cc: Mateusz Guzik <mguzik@...hat.com>, devel@...verdev.osuosl.org,
Larry.Finger@...inger.net, gregkh@...uxfoundation.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: rtl8723au: fix potential leak in update_bcn_wps_ie()
Christian Engelmayer <cengelma@....at> writes:
> On Thu, 1 May 2014 14:22:17 +0200, Mateusz Guzik <mguzik@...hat.com> wrote:
>> On Thu, May 01, 2014 at 01:57:27PM +0200, Christian Engelmayer wrote:
>> > Fix a potential leak in the error path of function update_bcn_wps_ie().
>> > Make sure that allocated memory for 'pbackup_remainder_ie' is freed
>> > upon return. Detected by Coverity - CID 1077718.
>> >
>>
>> if (remainder_ielen > 0) {
>> pbackup_remainder_ie = kmalloc(remainder_ielen, GFP_ATOMIC);
>> if (pbackup_remainder_ie)
>> memcpy(pbackup_remainder_ie, premainder_ie,
>> remainder_ielen);
>> }
>>
>> pwps_ie_src = pmlmepriv->wps_beacon_ie;
>> if (pwps_ie_src == NULL)
>> return;
>>
>>
>> Maybe just check pwps_ie_src earlier?
>>
>
> You are right, I see no reason why this cannot be done early in the function.
Looks good to me - if you send me a patch with a commit message and a
Signed-off-by, I'll add it to the rtl8723au driver tree and push it to
Greg with my next set of changes.
Cheers,
Jes
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists