| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1459876266-18023-2-git-send-email-sudipm.mukherjee@gmail.com>
Date: Tue, 5 Apr 2016 22:41:06 +0530
From: Sudip Mukherjee <sudipm.mukherjee@...il.com>
To: Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Kees Cook <keescook@...omium.org>
Cc: linux-kernel@...r.kernel.org,
Sudip Mukherjee <sudipm.mukherjee@...il.com>
Subject: [PATCH 2/2] lkdtm: fix memory leak of base
This case is supposed to read from a memory after it has been freed,
but we missed freeing base if the memory 'val' could not be allocated.
Signed-off-by: Sudip Mukherjee <sudip.mukherjee@...ethink.co.uk>
---
drivers/misc/lkdtm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/lkdtm.c b/drivers/misc/lkdtm.c
index 2f0b022..5b3a63c 100644
--- a/drivers/misc/lkdtm.c
+++ b/drivers/misc/lkdtm.c
@@ -458,8 +458,10 @@ static void lkdtm_do_action(enum ctype which)
break;
val = kmalloc(len, GFP_KERNEL);
- if (!val)
+ if (!val) {
+ kfree(base);
break;
+ }
*val = 0x12345678;
base[offset] = *val;
--
1.9.1
Powered by blists - more mailing lists