| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <23d82d8b-d600-b28f-9444-65afe04a781a@web.de>
Date: Mon, 15 Jul 2019 08:40:30 +0200
From: Markus Elfring <Markus.Elfring@....de>
To: Wen Yang <wen.yang99@....com.cn>, alsa-devel@...a-project.org,
kernel-janitors@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Cheng Shengyu <cheng.shengyu@....com.cn>,
Jaroslav Kysela <perex@...ex.cz>,
Krzysztof Kozlowski <krzk@...nel.org>,
Liam Girdwood <lgirdwood@...il.com>,
Mark Brown <broonie@...nel.org>,
Sangbeom Kim <sbkim73@...sung.com>,
Sylwester Nawrocki <s.nawrocki@...sung.com>,
Takashi Iwai <tiwai@...e.com>,
Xue Zhihong <xue.zhihong@....com.cn>,
Yi Wang <wang.yi59@....com.cn>
Subject: Re: [2/2] ASoC: samsung: odroid: fix a double-free issue for cpu_dai
> These two updates fix two different bugs.
I can follow this view to some degree.
> and the other is the double-free issue
This programming error affects also the use of data structures which became invalid.
https://cwe.mitre.org/data/definitions/415.html#oc_415_Notes
> So we sent two patches to fix them separately.
You would like to fix something according to two variables (of the data type “device_node *”)
in the same function implementation.
Please combine these corrections in an update step under a topic like
“ASoC: samsung: odroid: Fix handling of device node references in odroid_audio_probe()”.
(The previous update step would contain still a known programming mistake otherwise,
wouldn't it?)
Regards,
Markus
Powered by blists - more mailing lists