| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Aug 2014 02:38:19 +0530
From: Arjun Sreedharan <arjun024@...il.com>
To: Rusty Russell <rusty@...tcorp.com.au>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Jingoo Han <jg1.han@...sung.com>, linux-kernel@...r.kernel.org,
David Woodhouse <David.Woodhouse@...el.com>
Subject: Re: [PATCH] params: fix potential memory leak in add_sysfs_param()
On 21 August 2014 02:19, Rusty Russell <rusty@...tcorp.com.au> wrote:
> Arjun Sreedharan <arjun024@...il.com> writes:
>> Do not leak memory when attrs is non NULL and
>> krealloc() fails. Without temporary variable,
>> reference to it is lost.
>>
>> Signed-off-by: Arjun Sreedharan <arjun024@...il.com>
>
> ...
>
>> }
>> - /* Despite looking like the typical realloc() bug, this is safe.
>> - * We *want* the old 'attrs' to be freed either way, and we'll store
>> - * the new one in the success case. */
>> - attrs = krealloc(attrs, sizeof(new->grp.attrs[0])*(num+2), GFP_KERNEL);
>> - if (!attrs) {
>> +
>> + new_attrs = krealloc(attrs, sizeof(new->grp.attrs[0])*(num+2), GFP_KERNEL);
>> + if (!new_attrs) {
>
> I think that comment you deleted is pretty clear. Is it wrong?
>
> Cheers,
> Rusty.
I believe it's wrong. I do not understand how `this is safe` from memory leak.
If krealloc() fails, there is nothing in place to free memory held by @attrs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists