lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 8 Dec 2016 12:51:40 +0000
From:   Ian Abbott <abbotti@....co.uk>
To:     SF Markus Elfring <elfring@...rs.sourceforge.net>,
        devel@...verdev.osuosl.org, Chris Cesare <chris.cesare@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        H Hartley Sweeten <hsweeten@...ionengravers.com>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH 4/5] staging: comedi: usbduxsigma: Split a condition check
 in usbduxsigma_alloc_usb_buffers()

On 08/12/16 11:37, SF Markus Elfring wrote:
> From: Markus Elfring <elfring@...rs.sourceforge.net>
> Date: Thu, 8 Dec 2016 11:15:40 +0100
>
> The functions "kcalloc" and "kzalloc" were called in four cases by the
> function "usbduxsigma_alloc_usb_buffers" without checking immediately
> if they succeded.
> This issue was detected by using the Coccinelle software.
>
> Allocated memory was also not released if one of these function
> calls failed.
>
> * Reduce memory allocation sizes for two function calls.
>
> * Split a condition check for memory allocation failures.
>
> * Add more exception handling.
>
> Fixes: 65989c030bbca96be45ed137f6384dbd46030d10 ("staging: comedi: usbduxsigma: factor usb buffer allocation out of (*probe)")
>
> Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net>
> ---
>  drivers/staging/comedi/drivers/usbduxsigma.c | 61 ++++++++++++++++++++++------
>  1 file changed, 49 insertions(+), 12 deletions(-)

My comments on PATCH 2/5 about how comedi drivers handle clean-up apply 
to this patch too.  So this patch will cause an Oops in the unlikely 
event of running out of memory during buffer allocation.

-- 
-=( Ian Abbott @ MEV Ltd.    E-mail: <abbotti@....co.uk> )=-
-=(                          Web: http://www.mev.co.uk/  )=-

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ