lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20110802120815.GE2096@zod.bos.redhat.com>
Date:	Tue, 2 Aug 2011 08:08:16 -0400
From:	Josh Boyer <jwboyer@...hat.com>
To:	Alexey ORISHKO <alexey.orishko@...ricsson.com>
Cc:	Oliver Neukum <oliver@...kum.org>,
	Greg Kroah-Hartman <gregkh@...e.de>,
	"linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: cdc_ncm uses stack memory for DMA

On Tue, Aug 02, 2011 at 02:00:16PM +0200, Alexey ORISHKO wrote:
> > -----Original Message-----
> > From: linux-usb-owner@...r.kernel.org [mailto:linux-usb-owner@...r.kernel.org]
> > On Behalf Of Josh Boyer
> > Sent: Tuesday, August 02, 2011 1:02 PM
> 
> > 
> > -		err = cdc_ncm_do_request(ctx, &req, &max_datagram_size, 0, NULL,
> > +		err = cdc_ncm_do_request(ctx, &req, max_datagram_size, 0, NULL,
> >  									1000);
> > +
> >  		if (err) {
> >  			pr_debug("GET_MAX_DATAGRAM_SIZE failed, use size=%u\n",
> >  						CDC_NCM_MIN_DATAGRAM_SIZE);
> 
> You miss to free it here.

Ah, yes.  Will fix it.

> 
> >  		} else {
> > -			ctx->max_datagram_size = le16_to_cpu(max_datagram_size);
> > +			ctx->max_datagram_size = le16_to_cpu(*max_datagram_size);
> >  			/* Check Eth descriptor value */
> >  			if (eth_max_sz < CDC_NCM_MAX_DATAGRAM_SIZE) {
> >  				if (ctx->max_datagram_size > eth_max_sz)
> > @@ -401,10 +423,12 @@ static u8 cdc_ncm_setup(struct cdc_ncm_ctx *ctx)
> >  			req.wValue = 0;
> >  			req.wIndex = cpu_to_le16(iface_no);
> >  			req.wLength = 2;
> > -			max_datagram_size = cpu_to_le16(ctx->max_datagram_size);
> > +			*max_datagram_size = cpu_to_le16(ctx->max_datagram_size);
> > 
> > -			err = cdc_ncm_do_request(ctx, &req, &max_datagram_size,
> > +			err = cdc_ncm_do_request(ctx, &req, max_datagram_size,
> >  								0, NULL, 1000);
> > +			kfree(max_datagram_size);
> > +max_dgram_err:
> >  			if (err)
> >  				pr_debug("SET_MAX_DATAGRAM_SIZE failed\n");
> >  		}
> > --
> 
> 
> You have mem leak in case of request failure. Will you resubmit it with this change?

Yes.

> I have HW available and can test this patch on Ubuntu 11.04.

Great!

josh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ