lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <201009122244.00861.sven.eckelmann@gmx.de>
Date:	Sun, 12 Sep 2010 22:43:59 +0200
From:	Sven Eckelmann <sven.eckelmann@....de>
To:	b.a.t.m.a.n@...ts.open-mesh.org
Cc:	Vasiliy Kulikov <segooon@...il.com>,
	kernel-janitors@...r.kernel.org,
	"Greg Kroah-Hartman" <gregkh@...e.de>,
	Andrew Lunn <andrew@...n.ch>,
	Marek Lindner <lindner_marek@...oo.de>,
	Simon Wunderlich <siwu@....tu-chemnitz.de>,
	Andreas Langer <an.langer@....de>, devel@...verdev.osuosl.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: batman-adv: check kmalloc() return value

Vasiliy Kulikov wrote:
> kmalloc() may fail, if so drop current packet.

Thanks for your patch. The indention is right, but it adds just another bug 
(locking related).

> Signed-off-by: Vasiliy Kulikov <segooon@...il.com>
> ---
>  Compile tested.
> 
>  drivers/staging/batman-adv/routing.c |    6 ++++--
>  drivers/staging/batman-adv/unicast.c |    8 ++++++--
>  drivers/staging/batman-adv/unicast.h |    2 +-
>  3 files changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/drivers/staging/batman-adv/routing.c
> b/drivers/staging/batman-adv/routing.c index e12fd99..e545260 100644
> --- a/drivers/staging/batman-adv/routing.c
> +++ b/drivers/staging/batman-adv/routing.c
> @@ -1232,8 +1232,10 @@ int recv_ucast_frag_packet(struct sk_buff *skb,
> struct batman_if *recv_if)
> 
>  		orig_node->last_frag_packet = jiffies;
> 
> -		if (list_empty(&orig_node->frag_list))
> -			create_frag_buffer(&orig_node->frag_list);
> +		if (list_empty(&orig_node->frag_list)) {
> +			if (create_frag_buffer(&orig_node->frag_list))
> +				return NET_RX_DROP;
> +		}
> 
>  		tmp_frag_entry =
>  			search_frag_packet(&orig_node->frag_list,

You must spin_unlock_irqrestore before you return from that function.

Best regards,
	Sven

Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ