lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20180221124707.26308-1-embedded24@evers-fischer.de>
Date:   Wed, 21 Feb 2018 13:47:05 +0100
From:   Rolf Evers-Fischer <embedded24@...rs-fischer.de>
To:     kishon@...com
Cc:     lorenzo.pieralisi@....com, bhelgaas@...gle.com,
        linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org,
        Rolf Evers-Fischer <embedded24@...rs-fischer.de>
Subject: [PATCH 0/2] pci: endpoint: Fix double free in pci_epf_create()

When I accidentally created a new endpoint device with an empty name,
the kernel warned about "attempted to be registered with empty name!"
and crashed afterwards.

It turned out that the crash was not caused by the 'device_add()'
function itself, but by a double kfree of 'epf->name' and 'epf'.

The first patch just simplifies the code, while the second patch
fixes the problem.

Rolf Evers-Fischer (2):
  pci: endpoint: Free func_name after last usage
  pci: endpoint: Fix kernel panic after put_device()

 drivers/pci/endpoint/pci-epf-core.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

-- 
2.16.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ