| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Dec 2017 20:54:10 +0100
From: Lukas Bulwahn <lukas.bulwahn@...il.com>
To: linux-kbuild@...r.kernel.org
Cc: Alexey Dobriyan <adobriyan@...il.com>, lukas.bulwahn@...il.com,
sil2review@...ts.osadl.org,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Michal Marek <michal.lkml@...kovi.net>,
linux-kernel@...r.kernel.org
Subject: [PATCH] fixdep: free memory on second error path of do_config_file
Commit dee81e988674 ("fixdep: faster CONFIG_ search") introduces the memory
leak when `map = mmap(...)` was replaced with `map = malloc(...)` and
`read(fd, map, ...)`. It introduces a new second error path, which does not
free the allocated memory for `map`. We now correct that behavior and free
`map` before the do_config_file() function returns.
Facebook's static analysis tool Infer (http://fbinfer.com) found this
memory leak:
scripts/basic/fixdep.c:297: error: MEMORY_LEAK
memory dynamically allocated by call to `malloc()` at line 290, \
column 8 is not reachable after line 297, column 3.
Fixes: dee81e988674 ("fixdep: faster CONFIG_ search")
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@...il.com>
---
scripts/basic/fixdep.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/basic/fixdep.c b/scripts/basic/fixdep.c
index bbf62cb..131c450 100644
--- a/scripts/basic/fixdep.c
+++ b/scripts/basic/fixdep.c
@@ -296,6 +296,7 @@ static void do_config_file(const char *filename)
if (read(fd, map, st.st_size) != st.st_size) {
perror("fixdep: read");
close(fd);
+ free(map);
return;
}
map[st.st_size] = '\0';
--
2.7.4
Powered by blists - more mailing lists