| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 May 2013 23:12:54 +0300 From: Andy Shevchenko <andy.shevchenko@...il.com> To: Benjamin Tissoires <benjamin.tissoires@...hat.com> Cc: Benjamin Tissoires <benjamin.tissoires@...il.com>, Henrik Rydberg <rydberg@...omail.se>, Jiri Kosina <jkosina@...e.cz>, Stephane Chatty <chatty@...c.fr>, linux-input@...r.kernel.org, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] HID: multitouch: prevent memleak with the allocated name On Wed, May 29, 2013 at 11:45 AM, Benjamin Tissoires <benjamin.tissoires@...hat.com> wrote: > mt_free_input_name() was never called during .remove(): > hid_hw_stop() removes the hid_input items in hdev->inputs, and so the > list is therefore empty after the call. In the end, we never free the > special names that has been allocated during .probe(). > > Restore the original name before freeing it to avoid acessing already > freed pointer. > > I just spotted this one yesterday... My guess is that this way is safe (without > a locking mechanism to prevent accessing hi->input->name), but I'm not 100% sure. Hi Jiri, Benjamin. What do you think about patch I just sent? P.S. Benjamin, I re-used your commit message, I think you have no objections. -- With Best Regards, Andy Shevchenko -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists