| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Jun 2011 10:13:17 +0200 From: Tejun Heo <tj@...nel.org> To: Maxin B John <maxin.john@...il.com> Cc: akpm@...ux-foundation.org, segooon@...il.com, jkosina@...e.cz, tglx@...utronix.de, eike-kernel@...tec.de, linux-kernel@...r.kernel.org Subject: Re: [PATCH] [RESEND] devres: Fix possible use after free Hello, Maxin. On Tue, Jun 14, 2011 at 03:09:34PM +0100, Maxin B John wrote: > You are right. I shouldn't have mentioned it as dangerous. I was trying to > make this patch description similar to the description present in the > previous patch: > http://www.spinics.net/lists/mm-commits/msg84313.html > > This patch silences the Coverity Prevent's complains about this as > use-after-free bug. Please let me know if the updated patch description is OK. > > " > A freed pointer is passed as an argument to the function "devres_destroy()" in > "kernel/irq/devres.c" and "lib/devres.c". This patch fixes the possible use > after free. > The change silences the static analysis tool (Coverity Prevent) complains > about this as use-after-free bug. > " Yeap, sounds mostly okay but there's no 'possible use after free'. Maybe something like, "devres uses the pointer value as key after it's freed, which is safe but triggers spurious use-after-free warnings on some static analysis tools. Rearrange code to avoid such warnings". Thanks. -- tejun -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists