lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 22:56:40 +0000 From: "Verma, Vishal L" <vishal.l.verma@...el.com> To: "kjlu@....edu" <kjlu@....edu> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-nvdimm@...ts.01.org" <linux-nvdimm@...ts.01.org>, "pakki001@....edu" <pakki001@....edu>, "zwisler@...nel.org" <zwisler@...nel.org> Subject: Re: [PATCH] nvdimm: btt_devs: fix a NULL pointer dereference and a memory leak On Fri, 2019-03-22 at 22:49 +0000, Verma, Vishal L wrote: > On Tue, 2019-03-12 at 03:15 -0500, Kangjie Lu wrote: > > In case kmemdup fails, the fix releases resources and returns to > > avoid the NULL pointer dereference. > > Also, the error paths in the following code should release > > resources to avoid memory leaks. > > > > Signed-off-by: Kangjie Lu <kjlu@....edu> > > --- > > drivers/nvdimm/btt_devs.c | 8 +++++++- > > 1 file changed, 7 insertions(+), 1 deletion(-) > > > > Looks good, > Reviewed-by: Vishal Verma <vishal.l.verma@...el.com> Looking again, there is another kmemdup() call in __nd_btt_probe which is lacking error checking. And referring to your other related patch to namespace_devs, that has /several/ instances of the same thing. Instead of fixing just a couple of these, it might be worthwhile to send a wider cleanup patch to catch all of these, at least within drivers/nvdimm/ for starters, instead of a select few. > > > diff --git a/drivers/nvdimm/btt_devs.c b/drivers/nvdimm/btt_devs.c > > index 795ad4ff35ca..565ea0b6f765 100644 > > --- a/drivers/nvdimm/btt_devs.c > > +++ b/drivers/nvdimm/btt_devs.c > > @@ -196,8 +196,13 @@ static struct device *__nd_btt_create(struct > > nd_region *nd_region, > > } > > > > nd_btt->lbasize = lbasize; > > - if (uuid) > > + if (uuid) { > > uuid = kmemdup(uuid, 16, GFP_KERNEL); > > + if (!uuid) { > > + kfree(nd_btt); > > + return NULL; > > + } > > + } > > nd_btt->uuid = uuid; > > dev = &nd_btt->dev; > > dev_set_name(dev, "btt%d.%d", nd_region->id, nd_btt->id); > > @@ -209,6 +214,7 @@ static struct device *__nd_btt_create(struct > > nd_region *nd_region, > > dev_dbg(&ndns->dev, "failed, already claimed by %s\n", > > dev_name(ndns->claim)); > > put_device(dev); > > + kfree(uuid); > > return NULL; > > } > > return dev; > > _______________________________________________ > Linux-nvdimm mailing list > Linux-nvdimm@...ts.01.org > https://lists.01.org/mailman/listinfo/linux-nvdimm
Powered by blists - more mailing lists