| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 23:31:43 +0000
From: "Verma, Vishal L" <vishal.l.verma@...el.com>
To: "kjlu@....edu" <kjlu@....edu>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-nvdimm@...ts.01.org" <linux-nvdimm@...ts.01.org>,
"pakki001@....edu" <pakki001@....edu>,
"zwisler@...nel.org" <zwisler@...nel.org>
Subject: Re: [PATCH] nvdimm: btt_devs: fix a NULL pointer dereference and a
memory leak
On Fri, 2019-03-22 at 22:56 +0000, Verma, Vishal L wrote:
> On Fri, 2019-03-22 at 22:49 +0000, Verma, Vishal L wrote:
> > On Tue, 2019-03-12 at 03:15 -0500, Kangjie Lu wrote:
> > > In case kmemdup fails, the fix releases resources and returns to
> > > avoid the NULL pointer dereference.
> > > Also, the error paths in the following code should release
> > > resources to avoid memory leaks.
> > >
> > > Signed-off-by: Kangjie Lu <kjlu@....edu>
> > > ---
> > > drivers/nvdimm/btt_devs.c | 8 +++++++-
> > > 1 file changed, 7 insertions(+), 1 deletion(-)
> > >
> >
> > Looks good,
> > Reviewed-by: Vishal Verma <vishal.l.verma@...el.com>
>
> Looking again, there is another kmemdup() call in __nd_btt_probe which
> is lacking error checking.
> And referring to your other related patch to namespace_devs, that has
> /several/ instances of the same thing.
>
> Instead of fixing just a couple of these, it might be worthwhile to send
> a wider cleanup patch to catch all of these, at least within
> drivers/nvdimm/ for starters, instead of a select few.
Hm, ignore this comment - these are the only two unchecked instances.
Powered by blists - more mailing lists