Message-ID: <159532307235.3847286.13486568388676452154@swboyd.mtv.corp.google.com>
Date:   Tue, 21 Jul 2020 02:17:52 -0700
From:   Stephen Boyd <sboyd@...nel.org>
To:     aford173@...il.com, marek.vasut@...il.com, mturquette@...libre.com,
        trix@...hat.com
Cc:     linux-clk@...r.kernel.org, linux-kernel@...r.kernel.org,
        Tom Rix <trix@...hat.com>
Subject: Re: [PATCH] clk: vc5: Fix use after free in vc5_probe

Quoting trix@...hat.com (2020-07-19 07:33:24)
> From: Tom Rix <trix@...hat.com>
> 
> clang static analysis reports this error
> 
> clk-versaclock5.c:887:3: warning: Use of memory after it is freed
>   [unix.Malloc]
>       dev_err(&client->dev, "unable to register %s\n", init.name);
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> A representative problem block of code is
> 
> ret = devm_clk_hw_register(&client->dev, &vc5->clk_mux);
> kfree(init.name);       /* clock framework made a copy of the name */
> if (ret) {
>         dev_err(&client->dev, "unable to register %s\n", init.name);
>         goto err_clk;
> }
> 
> init.name is freed and then used.
> 
> So reorder the free.
> 
> Fixes: f491276a5168 ("clk: vc5: Allow Versaclock driver to support multiple instances")
> 
> Signed-off-by: Tom Rix <trix@...hat.com>
> ---

There's another patch on the mailing list for this.
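
An added example, not part of this message or of either kernel patch: a userspace C model of the ordering problem quoted above, with the free moved after the last use of init.name. fake_register(), probe_one() and last_err are hypothetical stand-ins for devm_clk_hw_register(), the probe path and dev_err(); the reordering shown is one possible form, not necessarily the one that was merged.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical userspace stand-ins; not the driver's code. */
struct clk_init { char *name; };
static char last_err[64];  /* what the error path "logged" (models dev_err) */

/* Models devm_clk_hw_register(): keeps its own copy of the name, may fail. */
static int fake_register(const struct clk_init *init, int fail, char **copy)
{
    if (fail)
        return -1;
    *copy = malloc(strlen(init->name) + 1);
    if (!*copy)
        return -2;
    strcpy(*copy, init->name);
    return 0;
}

/* Corrected ordering: format the error first, then free on every path. */
static int probe_one(const char *base, int fail)
{
    struct clk_init init;
    char *copy = NULL;
    size_t n = strlen(base) + sizeof(".mux");
    int ret;

    init.name = malloc(n);
    if (!init.name)
        return -2;
    snprintf(init.name, n, "%s.mux", base);

    ret = fake_register(&init, fail, &copy);
    if (ret)  /* init.name is still live here, unlike the quoted block */
        snprintf(last_err, sizeof(last_err), "unable to register %s", init.name);
    free(init.name);   /* last use is above, so freeing is now safe */
    init.name = NULL;  /* any later use fails loudly instead of reading freed memory */
    free(copy);
    return ret;
}

int main(void)
{
    int ret = probe_one("vc5", 1);  /* constructed input: force the failure path */
    printf("ret=%d log=\"%s\"\n", ret, last_err);
    return 0;
}
```

Building this with -fsanitize=address and swapping the free above the error snprintf reproduces the class of report the clang analyzer gave for the quoted block.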
