| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Feb 2016 21:11:11 +0100
From: Rasmus Villemoes <linux@...musvillemoes.dk>
To: dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
intel-gfx@...ts.freedesktop.org, netdev@...r.kernel.org,
linux-rdma@...r.kernel.org, linux-mm@...ck.org
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>
Subject: [PATCH 0/5] pre-decrement in error paths considered harmful
There are a few instances of
for (i = 0; i < FOO; ++i) {
ret = do_stuff(i)
if (ret)
goto err;
}
...
err:
while (--i)
undo_stuff(i);
At best, this fails to undo_stuff for i==0, but if i==0 was the case
that failed, we'll end up with an "infinite" loop in the error path
doing nasty stuff.
These were found with a simple coccinelle script
@@
expression i;
identifier l;
statement S;
@@
* l:
* while (--i)
S
(and there were no false positives).
There's no dependencies between the patches; I just wanted to include
a common cover letter with a little background info.
Rasmus Villemoes (5):
drm/gma500: fix error path in gma_intel_setup_gmbus()
drm/i915: fix error path in intel_setup_gmbus()
net/mlx4: fix some error handling in mlx4_multi_func_init()
net: sxgbe: fix error paths in sxgbe_platform_probe()
mm/backing-dev.c: fix error path in wb_init()
drivers/gpu/drm/gma500/intel_gmbus.c | 2 +-
drivers/gpu/drm/i915/intel_i2c.c | 2 +-
drivers/net/ethernet/mellanox/mlx4/cmd.c | 4 ++--
drivers/net/ethernet/samsung/sxgbe/sxgbe_platform.c | 4 ++--
mm/backing-dev.c | 2 +-
5 files changed, 7 insertions(+), 7 deletions(-)
--
2.1.4
Powered by blists - more mailing lists