lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 07 Jul 2017 09:28:21 +0100 (WEST)
From:   David Miller <davem@...emloft.net>
To:     christophe.jaillet@...adoo.fr
Cc:     m.grzeschik@...gutronix.de, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] arcnet: com20020-pci: Fix an error handling path in
 'com20020pci_probe()'

From: Christophe JAILLET <christophe.jaillet@...adoo.fr>
Date: Fri,  7 Jul 2017 06:56:16 +0200

> If this memory allocation fails, we should go through the error handling
> path as done everywhere else in this function before returning.
> 
> Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>

This is really the tip of the iceberg here and this function's cleanup
really needs to be shored up more completely than this.

If the allocation of 'card' succeeds, and one of the "goto out_port"
paths are taken, 'card' is leaked because the last thing performed
is linking it into the list inside of 'priv'.

Anyways, I'll apply this but there are so many more leaks here.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ