| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170503154924.1659-1-colin.king@canonical.com>
Date: Wed, 3 May 2017 16:49:24 +0100
From: Colin King <colin.king@...onical.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Wei-Ning Huang <wnhuang@...gle.com>,
Thierry Escande <thierry.escande@...labora.com>,
Wei Yongjun <weiyongjun1@...wei.com>
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] firmware: Google VPD: fix error handling on allocation failures
From: Colin Ian King <colin.king@...onical.com>
Fix two allocation failure checks. Firstly, ensure info is checked
for a failed allocation; this fixes a potential null pointer
dereference issue on info->key. Secondly, free info is info->key
fails to allocate to fix a memory leak.
Detected by CoverityScan, CID#1430064 ("Resource Leak")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
drivers/firmware/google/vpd.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/firmware/google/vpd.c b/drivers/firmware/google/vpd.c
index 3ce813110d5e..2eb15b1dabcc 100644
--- a/drivers/firmware/google/vpd.c
+++ b/drivers/firmware/google/vpd.c
@@ -116,9 +116,13 @@ static int vpd_section_attrib_add(const u8 *key, s32 key_len,
return VPD_OK;
info = kzalloc(sizeof(*info), GFP_KERNEL);
+ if (!info)
+ return -ENOMEM;
info->key = kzalloc(key_len + 1, GFP_KERNEL);
- if (!info->key)
+ if (!info->key) {
+ kfree(info);
return -ENOMEM;
+ }
memcpy(info->key, key, key_len);
--
2.11.0
Powered by blists - more mailing lists