lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1553596191-78889-1-git-send-email-peng.hao2@zte.com.cn>
Date:   Tue, 26 Mar 2019 18:29:51 +0800
From:   Peng Hao <peng.hao2@....com.cn>
To:     vitb@...nel.crashing.org, benh@...nel.crashing.org,
        paulus@...ba.org, mpe@...erman.id.au, christophe.leroy@....fr
Cc:     Wen Yang <wen.yang99@....com.cn>, linuxppc-dev@...ts.ozlabs.org,
        linux-kernel@...r.kernel.org
Subject: [PATCH v3] powerpc/8xx: fix possible object reference leak

From: Wen Yang <wen.yang99@....com.cn>

The call to of_find_compatible_node returns a node pointer with refcount
incremented thus it must be explicitly decremented after the last
usage.
irq_domain_add_linear also calls of_node_get to increase refcount,
so irq_domain will not be affected when it is released.

Detected by coccinelle with the following warnings:
./arch/powerpc/platforms/8xx/pic.c:158:1-7: ERROR: missing of_node_put; acquired a node pointer with refcount incremented on line 136, but without a corresponding object release within this function.

Fixes: a8db8cf0d894 ("irq_domain: Replace irq_alloc_host() with
revmap-specific initializers")
Signed-off-by: Wen Yang <wen.yang99@....com.cn>
Suggested-by: Christophe Leroy <christophe.leroy@....fr>
Suggested-by: Michael Ellerman <mpe@...erman.id.au>
Reviewed-by: Peng Hao <peng.hao2@....com.cn>
Reviewed-by: Christophe Leroy <christophe.leroy@....fr>
Cc: Vitaly Bordug <vitb@...nel.crashing.org>
Cc: Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc: Paul Mackerras <paulus@...ba.org>
Cc: Michael Ellerman <mpe@...erman.id.au>
Cc: linuxppc-dev@...ts.ozlabs.org
Cc: linux-kernel@...r.kernel.org
---
v3->v2: set ret to zero explicitly.
v2->v1: add a Fixes tag.  

 arch/powerpc/platforms/8xx/pic.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/powerpc/platforms/8xx/pic.c b/arch/powerpc/platforms/8xx/pic.c
index 8d5a25d..9993998 100644
--- a/arch/powerpc/platforms/8xx/pic.c
+++ b/arch/powerpc/platforms/8xx/pic.c
@@ -153,9 +153,9 @@ int mpc8xx_pic_init(void)
 	if (mpc8xx_pic_host == NULL) {
 		printk(KERN_ERR "MPC8xx PIC: failed to allocate irq host!\n");
 		ret = -ENOMEM;
-		goto out;
 	}
-	return 0;
+
+	ret = 0;
 
 out:
 	of_node_put(np);
-- 
2.9.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ