lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BYAPR21MB127087B408352336E0A8BF2ABF359@BYAPR21MB1270.namprd21.prod.outlook.com>
Date:   Thu, 10 Jun 2021 17:28:11 +0000
From:   Dexuan Cui <decui@...rosoft.com>
To:     Dhiraj Shah <find.dhiraj@...il.com>
CC:     KY Srinivasan <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        Stephen Hemminger <sthemmin@...rosoft.com>,
        Wei Liu <wei.liu@...nel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Shachar Raindel <shacharr@...rosoft.com>,
        Colin Ian King <colin.king@...onical.com>,
        "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] function mana_hwc_create_wq leaks memory

> From: Dexuan Cui <decui@...rosoft.com>
> Sent: Thursday, June 10, 2021 10:18 AM
> ...
> > diff --git a/drivers/net/ethernet/microsoft/mana/hw_channel.c
> > b/drivers/net/ethernet/microsoft/mana/hw_channel.c
> > index 1a923fd99990..4aa4bda518fb 100644
> > --- a/drivers/net/ethernet/microsoft/mana/hw_channel.c
> > +++ b/drivers/net/ethernet/microsoft/mana/hw_channel.c
> > @@ -501,8 +501,10 @@ static int mana_hwc_create_wq(struct
> > hw_channel_context *hwc,
> >  	*hwc_wq_ptr = hwc_wq;
> >  	return 0;
> >  out:
> > -	if (err)
> > +	if (err) {
> 
> Here the 'err' must be non-zero. Can you please remove this 'if'?
> 
> > +		kfree(queue);
> >  		mana_hwc_destroy_wq(hwc, hwc_wq);
> > +	}
> >  	return err;
> >  }
> 
> Reviewed-by: Dexuan Cui <decui@...rosoft.com>

Hi Dhiraj,
I checked the code again and it looks like your patch is actually
unnecessary as IMO there is no memory leak here: the 'queue'
pointer is passed to mana_hwc_destroy_wq() as hwc_wq->gdma_wq,
and is later freed in mana_gd_destroy_queue() ->
mana_gd_destroy_queue().

The 'if' test can be removed as the 'err's is always non-zero there.

Thanks,
Dexuan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ