lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 30 Oct 2010 18:37:16 +0200 (CEST)
From:	Jesper Juhl <jj@...osbits.net>
To:	Ralf Baechle <ralf@...ux-mips.org>
cc:	linux-mips@...ux-mips.org, linux-kernel@...r.kernel.org
Subject: [PATCH] Check vmalloc return value in vpe_open

Hi,

I noticed that the return value of the 
vmalloc() call in arch/mips/kernel/vpe.c::vpe_open() is not checked, so we 
potentially store a null pointer in v->pbuffer. As far as I can tell this 
will be a problem. However, I don't know the mips code at all, so there 
may be something, somewhere where I did not look, that handles this in a 
safe manner but I couldn't find it.

To me it looks like we should do what the patch below implements and check 
for a null return and then return -ENOMEM in that case. Comments?

Please CC me on replies as I'm not subscribed to linux-mips.


Signed-off-by: Jesper Juhl <jj@...osbits.net>
---
 vpe.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/mips/kernel/vpe.c b/arch/mips/kernel/vpe.c
index 3eb3cde..22b79f6 100644
--- a/arch/mips/kernel/vpe.c
+++ b/arch/mips/kernel/vpe.c
@@ -1092,6 +1092,10 @@ static int vpe_open(struct inode *inode, struct file *filp)
 
 	/* this of-course trashes what was there before... */
 	v->pbuffer = vmalloc(P_SIZE);
+	if (!v->pbuffer) {
+		pr_warning("VPE loader: unable to allocate memory\n");
+		return -ENOMEM;
+	}
 	v->plen = P_SIZE;
 	v->load_addr = NULL;
 	v->len = 0;


-- 
Jesper Juhl <jj@...osbits.net>             http://www.chaosbits.net/
Plain text mails only, please      http://www.expita.com/nomime.html
Don't top-post  http://www.catb.org/~esr/jargon/html/T/top-post.html

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ