| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1480423830-24842-1-git-send-email-bianpan2016@163.com>
Date: Tue, 29 Nov 2016 20:50:30 +0800
From: Pan Bian <bianpan2016@....com>
To: linux-usb@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, Pan Bian <bianpan2016@....com>
Subject: [PATCH 1/1] usb: return correct errno code when krealloc fails
In function wusb_dev_sec_add(), variable result takes the return value.
Its value should be negative on failures. When function krealloc() is
called, an earlier check of variable result guarantees that the value of
result must not be less than "sizeof(*secd)", and result is not
reassigned when krealloc() returns a NULL pointer. As a result, a
positive value may be returned, which makes it impossible for the caller
of wusb_dev_sec_add() to detect the error. This patch fixes the bug by
assigning -ENOMEM to result when krealloc() returns NULL.
Signed-off-by: Pan Bian <bianpan2016@....com>
---
drivers/usb/wusbcore/security.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/usb/wusbcore/security.c b/drivers/usb/wusbcore/security.c
index 8c9421b..170f2c3 100644
--- a/drivers/usb/wusbcore/security.c
+++ b/drivers/usb/wusbcore/security.c
@@ -240,6 +240,7 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc,
if (new_secd == NULL) {
dev_err(dev,
"Can't allocate space for security descriptors\n");
+ result = -ENOMEM;
goto out;
}
secd = new_secd;
--
1.9.1
Powered by blists - more mailing lists