lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190917095241.GP2850@suse.cz>
Date:   Tue, 17 Sep 2019 11:52:41 +0200
From:   David Sterba <dsterba@...e.cz>
To:     Navid Emamdoost <navid.emamdoost@...il.com>
Cc:     David Sterba <dsterba@...e.com>, emamd001@....edu, kjlu@....edu,
        smccaman@....edu, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs/affs: release memory if affs_init_bitmap fails

On Mon, Sep 16, 2019 at 11:13:42PM -0500, Navid Emamdoost wrote:
> In affs_init_bitmap, on error handling path we may release the allocated
> memory.

Yes the memory should be released but not all paths that lead to the
label 'out' are actually errors:

288                 if (affs_checksum_block(sb, bh)) {
289                         pr_warn("Bitmap %u invalid - mounting %s read only.\n",
290                                 bm->bm_key, sb->s_id);
291                         *flags |= SB_RDONLY;
292                         goto out;
293                 }

ie. the return value 'res' is still 0, and the filesystem is mounted
read-only.

> Signed-off-by: Navid Emamdoost <navid.emamdoost@...il.com>
> ---
>  fs/affs/bitmap.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/fs/affs/bitmap.c b/fs/affs/bitmap.c
> index 5ba9ef2742f6..745ed2cc4b51 100644
> --- a/fs/affs/bitmap.c
> +++ b/fs/affs/bitmap.c
> @@ -347,6 +347,7 @@ int affs_init_bitmap(struct super_block *sb, int *flags)
>  out:
>  	affs_brelse(bh);
>  	affs_brelse(bmap_bh);
> +	kfree(sbi->s_bitmap);

The sbi->s_bitmap would be freed but at umount time it will
be freed again.

>  	return res;
>  }
>  
> -- 
> 2.17.1
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ