| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Oct 2013 19:13:04 -0700 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: Larry Finger <Larry.Finger@...inger.net> Cc: linville@...driver.com, Alex Dubov <oakad@...oo.com>, linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org, Kay Sievers <kay.sievers@...y.org> Subject: Re: [PATCH V2] memstick: Fix memory leak in memstick_check() error path On Sun, Oct 06, 2013 at 10:21:51PM -0500, Larry Finger wrote: > With kernel 3.12-rc3, kmemleak reports the following leak: > > > unreferenced object 0xffff8800ae85c190 (size 16): > > comm "kworker/u4:3", pid 685, jiffies 4294916336 (age 2831.760s) > > hex dump (first 16 bytes): > > 6d 65 6d 73 74 69 63 6b 30 00 00 00 00 00 00 00 memstick0....... > > backtrace: > > [<ffffffff8146a0d1>] kmemleak_alloc+0x21/0x50 > > [<ffffffff81160720>] __kmalloc_track_caller+0x160/0x2f0 > > [<ffffffff81237b9b>] kvasprintf+0x5b/0x90 > > [<ffffffff8122c0c1>] kobject_set_name_vargs+0x21/0x60 > > [<ffffffff812e7f5c>] dev_set_name+0x3c/0x40 > > [<ffffffffa02bf918>] memstick_check+0xb8/0x340 [memstick] > > [<ffffffff81069862>] process_one_work+0x1d2/0x670 > > [<ffffffff8106a88a>] worker_thread+0x11a/0x370 > > [<ffffffff81072ea6>] kthread+0xd6/0xe0 > > [<ffffffff81478bbc>] ret_from_fork+0x7c/0xb0 > > This problem was introduced by commit 0252c3b "memstick: struct device - > replace bus_id with dev_name(), dev_set_name()" where the name is not freed > in the error path. The name is also leaked in memstick_free_card(). > > Thanks to Catalin Marinas for suggesting the fix. > > Cc: Kay Sievers <kay.sievers@...y.org> > Cc: Alex Dubov <oakad@...oo.com> > Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> > Signed-off-by: Larry Finger <Larry.Finger@...inger.net> > --- > > V2 fixes the typos in the commit message, and frees the name in > memstick_free_card() as well as the error path in memstick_check(). Looking back at this, to try to figure out why the kmemleak report shows up, shows that this is a mess. Why would we be erroring out _before_ we try to register the struct device with the driver core, yet we had already initialized the struct device structure? Only set up the structure right before sending it to driver core, don't delay in allocation, only problems can happen (like here.) To fix this up, will take some major work, which I can't do, sorry, but this patch will not work either. greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists