| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171003072007.GB9706@pathway.suse.cz>
Date: Tue, 3 Oct 2017 09:20:07 +0200
From: Petr Mladek <pmladek@...e.com>
To: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
Cc: Rob Herring <robh+dt@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>,
devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>
Subject: Re: [PATCH] of: do not leak console options
On Tue 2017-09-26 15:25:10, Sergey Senozhatsky wrote:
> Do not strdup() console options. It seems that the only reason for
> it to be strdup()-ed was a compilation warning: printk, UART and
> console drivers, for some reason, expect char pointer instead of
> const char pointer. So we can just pass `of_stdout_options', but
> need to cast it to char pointer. A better fix would be to change
> printk, console drivers and UART to accept const char `options';
> but that will take time - there are lots of drivers to update.
>
> The patch also fixes a possible memory leak: add_preferred_console()
> can fail, but we don't kfree() options.
>
> Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
Of course, it would be better to change add_preferred_console().
But it would trigger many other changes. This alternative
"temporary" change looks safe to me. Feel free to use
Reviewed-by: Petr Mladek <pmladek@...e.com>
Best Regards,
Petr
Powered by blists - more mailing lists