lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 31 Aug 2021 22:29:10 -0700
From:   Stephen Boyd <sboyd@...nel.org>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Christophe JAILLET <christophe.jaillet@...adoo.fr>,
        Julia.Lawall@...ia.fr, gregory.clement@...tlin.com,
        lee.jones@...aro.org, mturquette@...libre.com,
        linux-clk@...r.kernel.org, linux-kernel@...r.kernel.org,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] clk: mvebu: ap-cpu-clk: Fix a memory leak in error handling paths

Quoting Dan Carpenter (2021-08-30 04:59:31)
> On Sat, Aug 28, 2021 at 10:27:17PM -0700, Stephen Boyd wrote:
> > Quoting Christophe JAILLET (2021-04-23 00:02:26)
> > > If we exit the for_each_of_cpu_node loop early, the reference on the
> > > current node must be decremented, otherwise there is a leak.
> > > 
> > > Fixes: f756e362d938 ("clk: mvebu: add CPU clock driver for Armada 7K/8K")
> > > Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
> > > ---
> > > Also, I wonder if the drivers in drivers/clk/mvebu are used by anyone.
> > > In order to compile-test the changes, I also had to change the 'bool' in Kconfig
> > > by 'bool "blah"'. Without this change, it was not possible to set
> > > CONFIG_ARMADA_AP_CPU_CLK required by Makefile.
> > > 
> > > I don't know if I did something wrong, if it is an issue only on my environment
> > > or if something got broken at some time in the build chain but it looks
> > > spurious.
> > > 
> > > If I'm right and that these drivers never compile and no-one noticed it,
> > > maybe removing them is better than fixing some unlikely issues and style.
> > > If these drivers should stay, Kconfig may need some love from someone.
> > 
> > Nobody has said anything on this patch. So I'm not really sure what's
> > going on. Probably we never take the error path, or the whole system
> > fails to boot?
> 
> You probably take this one.
> 
>    106                  /* If cpu2 or cpu3 is enabled */
>    107                  if (cpu & APN806_CLUSTER_NUM_MASK) {
>    108                          nclusters = 2;
>    109  +                       of_node_put(dn);
>    110                          break;
>    111                  }
> 
> But, yeah, probably on one carse of "dn" can't be freed in real life.
> 
> Still probably worth fixing though just for correctness.  Otherwise it
> makes static analysis less effective if people deliberately leave bugs
> in the code.

Thanks. Can we turn that into a Reviewed-by?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ