| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 May 2019 10:19:32 +0800
From: Gen Zhang <blackgod016574@...il.com>
To: jslaby@...e.com
Cc: keescook@...omium.org, khorenko@...tuozzo.com,
linux-kernel@...r.kernel.org
Subject: [PATCH v2] consolemap: Fix a memory leaking bug in
con_insert_unipair()
In function con_insert_unipair(), when allocation for p2 and p1[n]
fails, ENOMEM is returned, but previously allocated p1 is not freed,
remains as leaking memory. Thus we should free p1 as well when this
allocation fails.
Signed-off-by: Gen Zhang <blackgod016574@...il.com>
Reviewed-by: Kees Cook <keescook@...omium.org>
---
diff --git a/drivers/tty/vt/consolemap.c b/drivers/tty/vt/consolemap.c
index b28aa0d..79fcc96 100644
--- a/drivers/tty/vt/consolemap.c
+++ b/drivers/tty/vt/consolemap.c
@@ -489,7 +489,11 @@ con_insert_unipair(struct uni_pagedir *p, u_short unicode, u_short fontpos)
p2 = p1[n = (unicode >> 6) & 0x1f];
if (!p2) {
p2 = p1[n] = kmalloc_array(64, sizeof(u16), GFP_KERNEL);
- if (!p2) return -ENOMEM;
+ if (!p2) {
+ kfree(p1);
+ p->uni_pgdir[n] = NULL;
+ return -ENOMEM;
+ }
memset(p2, 0xff, 64*sizeof(u16)); /* No glyphs for the characters (yet) */
}
---
Powered by blists - more mailing lists