| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Jul 2014 13:38:04 -0700 (PDT) From: David Miller <davem@...emloft.net> To: khoroshilov@...ras.ru Cc: kevin.curtis@...site.co.uk, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, ldv-project@...uxtesting.org Subject: Re: [PATCH v2] farsync: fix invalid memory accesses in fst_add_one() and fst_init_card() From: Alexey Khoroshilov <khoroshilov@...ras.ru> Date: Thu, 10 Jul 2014 18:43:01 -0400 > There are several issues in fst_add_one() and fst_init_card(): > - invalid pointer dereference at card->ports[card->nports - 1] if > register_hdlc_device() fails for the first port in fst_init_card(); > - fst_card_array overflow at fst_card_array[no_of_cards_added] > because there is no checks for array overflow; > - use after free because pointer to deallocated card is left in fst_card_array > if something fails after fst_card_array[no_of_cards_added] = card; > - several leaks on failure paths in fst_add_one(). > > The patch fixes all the issues and makes code more readable. > > Found by Linux Driver Verification project (linuxtesting.org). > > Signed-off-by: Alexey Khoroshilov <khoroshilov@...ras.ru> Applied, thanks Alexey. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists