lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 12 Jun 2020 14:38:24 +0800
From:   Guo Fan <guofan5@...wei.com>
To:     <jgg@...pe.ca>, <leon@...nel.org>
CC:     <linux-kernel@...r.kernel.org>, <linux-rdma@...r.kernel.org>
Subject: [PATCH] IB/mad: fix possible memory leak in ib_mad_post_receive_mads()

From: Fan Guo <guofan5@...wei.com>

If ib_dma_mapping_error() returns non-zero value, ib_mad_post_receive_mads
will jump out of loops and return -ENOMEM without freeing mad_priv. We fix
this memory-leak problem by freeing mad_priv in this case.

Fixes: 2c34e68f4261 ("IB/mad: Check and handle potential DMA mapping errors")
Signed-off-by: Fan Guo <guofan5@...wei.com>
---
 drivers/infiniband/core/mad.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/infiniband/core/mad.c b/drivers/infiniband/core/mad.c
index 186e0d652e8b..5e080191a725 100644
--- a/drivers/infiniband/core/mad.c
+++ b/drivers/infiniband/core/mad.c
@@ -2718,6 +2718,7 @@ static int ib_mad_post_receive_mads(struct ib_mad_qp_info *qp_info,
 						 DMA_FROM_DEVICE);
 		if (unlikely(ib_dma_mapping_error(qp_info->port_priv->device,
 						  sg_list.addr))) {
+			kfree(mad_priv);
 			ret = -ENOMEM;
 			break;
 		}
-- 
2.25.1

Powered by blists - more mailing lists