Date:	Mon, 23 Jul 2007 13:47:13 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Christoph Lameter <clameter@....com>
Cc:	Johannes Berg <johannes@...solutions.net>,
	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] fix slub krealloc()

On Mon, 23 Jul 2007 13:32:06 -0700
Christoph Lameter <clameter@....com> wrote:

> On Wed, 18 Jul 2007 17:42:11 +0200
> Johannes Berg <johannes@...solutions.net> wrote:
> 
> > Commit ef2ad80c7d255ed0449eda947c2d700635b7e0f5 breaks
> > krealloc(NULL, ...) badly, it BUG_ON()s.
> > 
> > This patch fixes it but the fix should probably be in mm/util.c
> > because the documentation says that krealloc(NULL, x, gfp) is
> > equivalent to kmalloc(x, gfp) and that's not true any more even after
> > this patch when you do krealloc(NULL, 0, gfp)
> 
> Right. We need to fix util.c. ksize should not be called with a NULL
> parameter.
> Index: linux-2.6/mm/util.c
> ===================================================================
> --- linux-2.6.orig/mm/util.c	2007-07-23 13:29:42.000000000 -0700
> +++ linux-2.6/mm/util.c	2007-07-23 13:31:28.000000000 -0700
> @@ -88,7 +88,11 @@ void *krealloc(const void *p, size_t new
>  		return ZERO_SIZE_PTR;
>  	}
>  
> -	ks = ksize(p);
> +	if (p)
> +		ks = ksize(p);
> +	else
> +		ks = 0;
> +
>  	if (ks >= new_size)
>  		return (void *)p;
>  
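
Review bot: The if (p) test on the added lines filters only NULL, but the context line above it shows krealloc() itself returning ZERO_SIZE_PTR, so a caller can pass that value back in as p and it still reaches ksize(p). Unless ksize() is documented to accept ZERO_SIZE_PTR, test with ZERO_OR_NULL_PTR(p) instead, for example "ks = ZERO_OR_NULL_PTR(p) ? 0 : ksize(p);", which also replaces the four-line if/else with one assignment.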

I think we already fixed this?

commit 1d4ec7b1d6f130818f9b62dea3411d9ee2ff6ff6
Author: Roland Dreier <rdreier@...co.com>
Date:   Fri Jul 20 12:13:20 2007 -0700

    Fix ZERO_OR_NULL_PTR(ZERO_SIZE_PTR)
    
    The comparison with ZERO_SIZE_PTR in ZERO_OR_NULL_PTR() needs to be <=
    (not just <) so that ZERO_OR_NULL_PTR(ZERO_SIZE_PTR) is 1.
    
    Signed-off-by: Roland Dreier <rolandd@...co.com>
    [ Duh!  - Linus ]
    Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>

diff --git a/include/linux/slab.h b/include/linux/slab.h
index 7d0ecc1..d859354 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -40,7 +40,7 @@ #define SLAB_TRACE		0x00200000UL	/* Trac
  */
 #define ZERO_SIZE_PTR ((void *)16)
 
-#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) < \
+#define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) <= \
 				(unsigned long)ZERO_SIZE_PTR)
 
 /*
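
Review bot: The boundary case this one-character change corrects, x == ZERO_SIZE_PTR, is not stated anywhere in the visible lines next to the macro, so the same off-by-one is easy to reintroduce. Add a short comment directly above ZERO_OR_NULL_PTR() saying that the bound is inclusive and that every address from 0 up to and including ZERO_SIZE_PTR ((void *)16) is treated as not dereferenceable.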
