| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 8 Mar 2020 09:18:39 +0100
From: Marcel Holtmann <marcel@...tmann.org>
To: Qiujun Huang <hqjagain@...il.com>
Cc: Johan Hedberg <johan.hedberg@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Bluez mailing list <linux-bluetooth@...r.kernel.org>,
netdev <netdev@...r.kernel.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] bluetooth/rfcomm: fix ODEBUG bug in rfcomm_dev_ioctl
Hi Qiujun,
> Needn't call 'rfcomm_dlc_put' here, because 'rfcomm_dlc_exists' didn't
> increase dlc->refcnt.
>
> Reported-by: syzbot+4496e82090657320efc6@...kaller.appspotmail.com
> Signed-off-by: Qiujun Huang <hqjagain@...il.com>
> ---
> net/bluetooth/rfcomm/tty.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c
> index 0c7d31c..ea2a1df0 100644
> --- a/net/bluetooth/rfcomm/tty.c
> +++ b/net/bluetooth/rfcomm/tty.c
> @@ -414,7 +414,6 @@ static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
> if (IS_ERR(dlc))
> return PTR_ERR(dlc);
> else if (dlc) {
> - rfcomm_dlc_put(dlc);
> return -EBUSY;
> }
> dlc = rfcomm_dlc_alloc(GFP_KERNEL);
Please see the proposed change from Hillf.
It is better to not bother with the else if here since the if statement will already leave the function.
if (dlc)
return -EBUSY;
Regards
Marcel
Powered by blists - more mailing lists