lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAKwiHFguCbT_0i3XWen-c58vzNNPESij9jO8Ou3PdK=_N4kYfA@mail.gmail.com>
Date:   Fri, 2 Mar 2018 09:22:57 +0100
From:   Rasmus Villemoes <linux@...musvillemoes.dk>
To:     Tony Luck <tony.luck@...el.com>, Fenghua Yu <fenghua.yu@...el.com>
Cc:     Rasmus Villemoes <linux@...musvillemoes.dk>,
        linux-ia64@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC 2/5] ia64/sn/hwperf: use seq_open_data

On 2 March 2018 at 00:37, Rasmus Villemoes <linux@...musvillemoes.dk> wrote:
> This code should check the return value of seq_open(); if it failed,
> file->private_data is NULL. But we can avoid the issue entirely and
> simplify the code by letting seq_open_data() set the ->private member
> to objbuf.
>
>         if ((e = sn_hwperf_enum_objects(&nobj, &objbuf)) == 0) {
> -               e = seq_open(file, &sn_topology_seq_ops);
> -               seq = file->private_data;
> -               seq->private = objbuf;
> +               e = seq_open_data(file, &sn_topology_seq_ops, objbuf);
>         }

Well, this turns a NULL deref into a resource leak; we still need to
add a check of the return value and vfree(objbuf) on failure.

Rasmus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ