| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 6 Nov 2021 16:10:53 +0530
From: Ajay Garg <ajaygargnsit@...il.com>
To: linux-serial@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: Ajay Garg <ajaygargnsit@...il.com>
Subject: [PATCH v2] tty: vt: keyboard: initialize "kbs" so that kfree(kbs) runs fine even if kbs is not kmalloced.
v1 patch at :
https://lore.kernel.org/linux-serial/YYZN30qfaKMskVwE@kroah.com/T/#t
Changes in v2 :
* Changes as required by scripts/checkpatch.pl
* Checking whether kbs is not NULL before kfree is not required,
as kfree(NULL) is safe. So, dropped the check.
For brevity, here is the background :
In "vt_do_kdgkb_ioctl", kbs is kmalloced, if cmd is one of KDGKBSENT or
KDSKBSENT.
If cmd is none of the above, kbs is not kmalloced, and runs
direct to kfree(kbs).
Values of local-variables on the stack can take indeterminate values,
so we initialize kbs to NULL. Then, if kbs is not kmalloced, we have
kfree(NULL) at the last.
Note that kfree(NULL) is safe.
Signed-off-by: Ajay Garg <ajaygargnsit@...il.com>
---
drivers/tty/vt/keyboard.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/tty/vt/keyboard.c b/drivers/tty/vt/keyboard.c
index dfef7de8a057..54155fc91cd2 100644
--- a/drivers/tty/vt/keyboard.c
+++ b/drivers/tty/vt/keyboard.c
@@ -2049,7 +2049,7 @@ int vt_do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm)
{
unsigned char kb_func;
unsigned long flags;
- char *kbs;
+ char *kbs = NULL;
int ret;
if (get_user(kb_func, &user_kdgkb->kb_func))
--
2.30.2
Powered by blists - more mailing lists