lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 15 Nov 2018 22:42:11 +0100
From:   Richard Weinberger <richard@....at>
To:     Garry McNulty <garrmcnu@...il.com>
Cc:     linux-mtd@...ts.infradead.org, dedekind1@...il.com,
        adrian.hunter@...el.com, s.hauer@...gutronix.de,
        linux-kernel@...r.kernel.org, colin.king@...onical.com
Subject: Re: [PATCH] ubifs: fix memory leak on error condition

Am Donnerstag, 15. November 2018, 21:38:50 CET schrieb Garry McNulty:
> If the call to ubifs_read_nnode() fails in ubifs_lpt_calc_hash() an
> error is returned without freeing the memory allocated to 'buf'.
> Jump to 'out' label to free allocated memory and return the error code.
> 
> Detected by CoverityScan, CID 1441025 ("Resource leak")
> 
> Signed-off-by: Garry McNulty <garrmcnu@...il.com>
> ---
>  fs/ubifs/lpt.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/ubifs/lpt.c b/fs/ubifs/lpt.c
> index d1d5e96350dd..c162459a1e02 100644
> --- a/fs/ubifs/lpt.c
> +++ b/fs/ubifs/lpt.c
> @@ -1688,7 +1688,7 @@ int ubifs_lpt_calc_hash(struct ubifs_info *c, u8 *hash)
>  	if (!c->nroot) {
>  		err = ubifs_read_nnode(c, NULL, 0);
>  		if (err)
> -			return err;
> +			goto out;
>  	}
>  
>  	cnode = (struct ubifs_cnode *)c->nroot;

Please see:
http://lists.infradead.org/pipermail/linux-mtd/2018-October/085081.html

If Colin won't send a v2, please do you so, then I'll take your v2.

Thanks,
//richard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ