| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Oct 2017 13:59:57 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Arvind Yadav <arvind.yadav.cs@...il.com>
Cc: gregkh@...uxfoundation.org, robsonde@...il.com, tvboxspy@...il.com,
mayhs11saini@...il.com, devel@...verdev.osuosl.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: rtl8192e: set priv->irq as 0 after the irq is
freed
On Sat, Oct 28, 2017 at 12:03:46PM +0530, Arvind Yadav wrote:
> _rtl92e_init can fail here, we must set priv->irq as 0 after free_irq.
>
The changelog isn't useful. It should say that we are doing this
because we call free_irq() again in _rtl92e_pci_probe() so it's a double
free.
This fix won't work. _rtl92e_pci_probe() doesn't check if priv->irq is
zero, and also it frees dev->irq which is different from priv->irq. We
should really just get rid of priv->irq.
Really each allocation function should have a corresponding free
function so there should be a _rtl92e_undo_init() which frees the memory
and the IRQ. Currently we just free the IRQ and leak the memory.
Anyway, the right fix is to just do this:
--- a/drivers/staging/rtl8192e/rtl8192e/rtl_core.c
+++ b/drivers/staging/rtl8192e/rtl8192e/rtl_core.c
@@ -2524,7 +2524,7 @@ static int _rtl92e_pci_probe(struct pci_dev *pdev,
RT_TRACE(COMP_INIT, "Driver probe completed1\n");
if (_rtl92e_init(dev) != 0) {
netdev_warn(dev, "Initialization failed");
- goto err_free_irq;
+ goto err_unmap;
}
netif_carrier_off(dev);
_rtl92e_init() is a useless name as well... :/ It would be nice to
preserve the error codes, except they are all -1 which is lazy and
wrong.
regards,
dan carpenter
Powered by blists - more mailing lists