lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <a1b8f42b-9076-cc73-a298-4ddba7cfbc32@huawei.com>
Date:   Sat, 8 Feb 2020 11:00:15 +0800
From:   Hou Tao <houtao1@...wei.com>
To:     Richard Weinberger <richard.weinberger@...il.com>,
        Quanyang Wang <quanyang.wang@...driver.com>
CC:     Vignesh Raghavendra <vigneshr@...com>,
        Richard Weinberger <richard@....at>,
        Sascha Hauer <s.hauer@...gutronix.de>,
        LKML <linux-kernel@...r.kernel.org>,
        <linux-mtd@...ts.infradead.org>,
        "Miquel Raynal" <miquel.raynal@...tlin.com>
Subject: Re: [PATCH] ubi: fix memory leak from ubi->fm_anchor

Hi,

The same problem has already been fixed by the patch in the following link early:

https://lore.kernel.org/linux-mtd/0000000000006d0a820599366088@google.com/T/#medffabe29b65eb5feb387bff84c6ec7ad235c310

I will send a v2 next week.

Regards,
Tao

On 2020/2/7 23:54, Richard Weinberger wrote:
> On Mon, Feb 3, 2020 at 10:14 AM Quanyang Wang
> <quanyang.wang@...driver.com> wrote:
>>
>> Ping?
>>
>> On 1/14/20 5:33 PM, quanyang.wang@...driver.com wrote:
>>> From: Quanyang Wang <quanyang.wang@...driver.com>
>>>
>>> Some ubi_wl_entry are allocated in erase_aeb() and one of them is
>>> assigned to ubi->fm_anchor in __erase_worker(). And it should be freed
>>> like others which are freed in tree_destroy(). Otherwise, it will
>>> cause a memory leak:
>>>
>>> unreferenced object 0xbc094318 (size 24):
>>>    comm "ubiattach", pid 491, jiffies 4294954015 (age 420.110s)
>>>    hex dump (first 24 bytes):
>>>      30 43 09 bc 00 00 00 00 00 00 00 00 01 00 00 00  0C..............
>>>      02 00 00 00 04 00 00 00                          ........
>>>    backtrace:
>>>      [<6c2d5089>] erase_aeb+0x28/0xc8
>>>      [<a1c68fb1>] ubi_wl_init+0x1d8/0x4a8
>>>      [<d4f408f8>] ubi_attach+0xffc/0x10d0
>>>      [<add3b5d8>] ubi_attach_mtd_dev+0x5b4/0x9fc
>>>      [<d375a11c>] ctrl_cdev_ioctl+0xb8/0x1d8
>>>      [<72b250f2>] vfs_ioctl+0x28/0x3c
>>>      [<b80095d7>] do_vfs_ioctl+0xb0/0x798
>>>      [<bf9ef69e>] ksys_ioctl+0x58/0x74
>>>      [<5355bdbe>] ret_fast_syscall+0x0/0x54
>>>      [<90c6c3ca>] 0x7eadf854
>>>
>>> Signed-off-by: Quanyang Wang <quanyang.wang@...driver.com>
>>> ---
>>>   drivers/mtd/ubi/wl.c | 2 ++
>>>   1 file changed, 2 insertions(+)
> 
> Good catch!
> Fixes: f9c34bb52997 ("ubi: Fix producing anchor PEBs")
> 
> ---
> Thanks,
> //richard
> 
> ______________________________________________________
> Linux MTD discussion mailing list
> http://lists.infradead.org/mailman/listinfo/linux-mtd/
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ