lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOo-nLLpNfHzrOyF4P0XvFK1h+J+aZqGL+AqmZP2PG6C=rcFjg@mail.gmail.com>
Date:   Fri, 31 Dec 2021 10:31:51 +0800
From:   Hangyu Hua <hbh25y@...il.com>
To:     Alan Stern <stern@...land.harvard.edu>
Cc:     balbi@...nel.org, gregkh@...uxfoundation.org, axboe@...nel.dk,
        jj251510319013@...il.com, dan.carpenter@...cle.com,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 2/2] usb: gadget: clear related members when goto fail

On 2021/12/31 上午3:46, Alan Stern wrote:
> You must not do this.  I never sent you an Acked-by for this patch; you
> shouldn't claim that I did.

I am sorry about this. I should read the linux kernel community rules
more carefully.

>>      value = usb_gadget_probe_driver(&gadgetfs_driver);
>>      if (value != 0) {
>> +            dev->dev = NULL;
>> +            dev->hs_config = NULL;
>> +            dev->config = NULL;
>>              kfree (dev->buf);
>>              dev->buf = NULL;
> Why not just grep the lock and goto fail?

You are right. I will modify my patch later.

>>      } else {
>> @@ -1892,7 +1895,12 @@ dev_config (struct file *fd, const char __user *buf, size_t len, loff_t *ptr)
>>      }
>>      return value;
>>
>> +fail2:
>> +    dev->dev = NULL;
>> +fail1:
>> +    dev->hs_config = NULL;
>
> It is not necessary to have all these different statement labels.  You
> can simply have "fail:" clear all three pointers.
>
>>   fail:
>> +    dev->config = NULL;
>>      spin_unlock_irq (&dev->lock);
>>      pr_debug ("%s: %s fail %zd, %p\n", shortname, __func__, value, dev);
>>      kfree (dev->buf);
>
> Alan Stern
>

I don't think so. It is not necessary to clean all three pointers if
some of them aren't kbuf. I think it may be better to keep their own
pointers.

Thanks. Happy new year.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ