| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Mar 2021 17:02:28 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: lyl2019@...l.ustc.edu.cn
Cc: santosh.shilimkar@...cle.com, kuba@...nel.org,
netdev@...r.kernel.org, linux-rdma@...r.kernel.org,
rds-devel@....oracle.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net/rds: Fix a use after free in rds_message_map_pages
From: Lv Yunlong <lyl2019@...l.ustc.edu.cn>
Date: Tue, 30 Mar 2021 03:16:02 -0700
> @@ -348,7 +348,7 @@ struct rds_message *rds_message_map_pages(unsigned long *page_addrs, unsigned in
> rm->data.op_sg = rds_message_alloc_sgs(rm, num_sgs);
> if (IS_ERR(rm->data.op_sg)) {
> rds_message_put(rm);
> - return ERR_CAST(rm->data.op_sg);
> + return ERR_PTR(-ENOMEM);
> }
>
> for (i = 0; i < rm->data.op_nents; ++i) {
Maybe instead do:
int err = ERR_CAST(rm->data.op_sg);
rds_message_put(rm);
return err;
Then if rds_message_alloc_sgs() starts to return other errors, they will propagate.
Thank you.
Powered by blists - more mailing lists