lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 28 Jan 2021 16:18:23 +0100
From:   Vlastimil Babka <vbabka@...e.cz>
To:     Colin King <colin.king@...onical.com>,
        Seth Jennings <sjenning@...hat.com>,
        Dan Streetman <ddstreet@...e.org>,
        Vitaly Wool <vitaly.wool@...sulko.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Tian Tao <tiantao6@...ilicon.com>,
        Stephen Rothwell <sfr@...b.auug.org.au>, linux-mm@...ck.org
Cc:     kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH][next] mm/zswap: fix potential uninitialized pointer read
 on tmp

On 1/28/21 3:17 PM, Colin King wrote:
> From: Colin Ian King <colin.king@...onical.com>
> 
> In the case where zpool_can_sleep_mapped(pool) returns 0
> then tmp is not allocated and tmp is then an uninitialized
> pointer. Later if entry is null, tmp is freed, hence free'ing
> an uninitialized pointer. Fix this by ensuring tmp is initialized
> to NULL.
> 
> Addresses-Coverity: ("Uninitialized pointer read")
> Fixes: 908aa806dba0 ("mm/zswap: fix potential memory leak")

That's a linux-next hash, patch is in mmotm [1] *) You know what it means...

*) actually it's not there, yet it is in -next. What's going on?

[1]
https://ozlabs.org/~akpm/mmotm/broken-out/mm-zswap-fix-potential-memory-leak.patch

> Signed-off-by: Colin Ian King <colin.king@...onical.com>
> ---
>  mm/zswap.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/mm/zswap.c b/mm/zswap.c
> index 8d1381b1178d..578d9f256920 100644
> --- a/mm/zswap.c
> +++ b/mm/zswap.c
> @@ -935,7 +935,7 @@ static int zswap_writeback_entry(struct zpool *pool, unsigned long handle)
>  	struct scatterlist input, output;
>  	struct crypto_acomp_ctx *acomp_ctx;
>  
> -	u8 *src, *tmp;
> +	u8 *src, *tmp = NULL;
>  	unsigned int dlen;
>  	int ret;
>  	struct writeback_control wbc = {
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ