lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Tue, 21 Dec 2010 00:34:50 +0100 (CET)
From:	Jesper Juhl <jj@...osbits.net>
To:	Minchan Kim <minchan.kim@...il.com>
cc:	linux-mm@...ck.org, linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [updated PATCH] Close mem leak in error path in
 mm/hugetlb.c::nr_hugepages_store_common()

On Tue, 21 Dec 2010, Minchan Kim wrote:

> On Tue, Dec 21, 2010 at 7:05 AM, Jesper Juhl <jj@...osbits.net> wrote:
> > On Mon, 20 Dec 2010, Minchan Kim wrote:
> >
> >> On Mon, Dec 20, 2010 at 7:10 AM, Jesper Juhl <jj@...osbits.net> wrote:
> >> > Hi,
> >> >
> >> > The NODEMASK_ALLOC macro dynamically allocates memory for its second
> >> > argument ('nodes_allowed' in this context).
> >> > In nr_hugepages_store_common() we may abort early if strict_strtoul()
> >> > fails, but in that case we do not free the memory already allocated to
> >> > 'nodes_allowed', causing a memory leak.
> >> > This patch closes the leak by freeing the memory in the error path.
> >> >
> >> >
> >> > Signed-off-by: Jesper Juhl <jj@...osbits.net>
> >> > ---
> >> >  hugetlb.c |    4 +++-
> >> >  1 file changed, 3 insertions(+), 1 deletion(-)
> >> >
> >> >  compile tested only
> >> >
> >> > diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> >> > index 8585524..9fdcc35 100644
> >> > --- a/mm/hugetlb.c
> >> > +++ b/mm/hugetlb.c
> >> > @@ -1439,8 +1439,10 @@ static ssize_t nr_hugepages_store_common(bool obey_mempolicy,
> >> >        NODEMASK_ALLOC(nodemask_t, nodes_allowed, GFP_KERNEL | __GFP_NORETRY);
> >> >
> >> >        err = strict_strtoul(buf, 10, &count);
> >> > -       if (err)
> >> > +       if (err) {
> >> > +               kfree(nodes_allowed);
> >>
> >> Nice catch. But use NODEMASK_FREE. It might be not kmalloced object.
> >>
> > Right. I just checked the macro and it used kmalloc(), so I just wrote
> > kfree. But you are right, NODEMASK_FREE is the right thing to use here.
> > Updated patch below.
> >
> >
> > Signed-off-by: Jesper Juhl <jj@...osbits.net>
> Reviewed-by: Minchan Kim <minchan.kim@...il.com>
> 
> Could you resend the completed patch to save Andrew trouble?
> 
I'm pretty sure he can pick it up from this mail. But, if he has not done 
so tomorrow evening (when I'll be reading email again) I'll re-submit the 
patch - sure..

Andrew: Please let me know if you pick up this patch or not..


-- 
Jesper Juhl <jj@...osbits.net>            http://www.chaosbits.net/
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please.

Powered by blists - more mailing lists