lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20070411160520.GB12573@twiddle.net>
Date:	Wed, 11 Apr 2007 09:05:20 -0700
From:	Richard Henderson <rth@...ddle.net>
To:	Ivan Kokshaysky <ink@...assic.park.msu.ru>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Jay Estabrook <jay.estabrook@...com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 7/7] ALPHA: support graphics on non-zero PCI domains

On Wed, Apr 11, 2007 at 12:30:48PM +0400, Ivan Kokshaysky wrote:
> +VGA_MAP_MEM(unsigned long xaddr, unsigned int size)
> +{
> +	/* Create a new VGA ioport resource WRT the hose it is on. */
> +	if (pci_vga_hose && pci_vga_hose->index) {
> +		static struct resource alpha_vga =
> +		  { .name = "alpha-vga+", .start = 0x3C0, .end = 0x3DF };
> +		struct resource new_vga = alpha_vga;
> +
> +		new_vga.start += pci_vga_hose->io_space->start;
> +		new_vga.end   += pci_vga_hose->io_space->start;
> +		request_resource(&ioport_resource, &new_vga);

This leaks the local stack frame variable new_vga into the
resource tree, does it not?  Shouldn't you be kmallocing this?


r~
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ