lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <x49sil89djr.fsf@segfault.boston.devel.redhat.com>
Date:	Thu, 07 Aug 2014 17:48:24 -0400
From:	Jeff Moyer <jmoyer@...hat.com>
To:	Julia Lawall <Julia.Lawall@...6.fr>
Cc:	Joshua Morris <josh.h.morris@...ibm.com>,
	kernel-janitors@...r.kernel.org,
	Philip Kelleher <pjk1939@...ux.vnet.ibm.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/4] block: fix error return code

Julia Lawall <Julia.Lawall@...6.fr> writes:

> diff --git a/drivers/block/rsxx/core.c b/drivers/block/rsxx/core.c
> index a8de2ee..fa8077a 100644
> --- a/drivers/block/rsxx/core.c
> +++ b/drivers/block/rsxx/core.c
> @@ -942,6 +942,7 @@ static int rsxx_pci_probe(struct pci_dev *dev,
>  	card->event_wq = create_singlethread_workqueue(DRIVER_NAME"_event");
>  	if (!card->event_wq) {
>  		dev_err(CARD_TO_DEV(card), "Failed card event setup.\n");
> +		st = -ENOMEM;
>  		goto failed_event_handler;
>  	}

Reviewed-by: Jeff Moyer <jmoyer@...hat.com>

BTW, just above this there is questionable code:

        st = rsxx_get_num_targets(card, &card->n_targets);
        if (st)
                dev_info(CARD_TO_DEV(card),
                        "Failed reading the number of DMA targets\n");

        card->ctrl = kzalloc(card->n_targets * sizeof(*card->ctrl), GFP_KERNEL);
        if (!card->ctrl) {
                st = -ENOMEM;
                goto failed_dma_setup;
        }

>From my reading of the kzalloc code, ZERO_SIZE_PTR (which is 16 cast to
a void *) would be returned from that kzalloc call if the
rsxx_get_num_targets call failed (since you'd be kzalloc-ing 0 bytes).
That would lead to the !card->ctrl check not working, right?

I'd suggest not continuing after rsxx_get_num_targets fails.

Cheers,
Jeff
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ