| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Apr 2022 08:59:54 +0200
From: Jiri Slaby <jirislaby@...nel.org>
To: 聂江磊 <niejianglei2021@....com>,
gregkh@...uxfoundation.org
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tty: vt: consolemap: Add missing kfree() in
con_do_clear_unimap()
Hi,
On 09. 03. 22, 13:34, 聂江磊 wrote:
> I found this bug by using clang static analyse checkers. I found that
> function con_release_unimap() is only called in this
> file(drivers/tty/vt/consolemap.c b/drivers/tty/vt/consolemap.c). There
> are totally 5 times that con_release_unimap() is called
> (line 430, 466, 522, 599, 673) while con_release_unimap() is not
> followed by kfree() only in line 522. So I think it is a bug
> and make this patch.
>
>
> At 2022-03-03 10:06:30, "Jianglei Nie" <niejianglei2021@....com> wrote:
>>We should free p after con_release_unimap(p) like the call points of
>>con_release_unimap() do in the same file.
But this one does not free it on purpose, right? See below.
>>This patch adds the missing kfree() after con_release_unimap(p).
>>
>>Signed-off-by: Jianglei Nie <niejianglei2021@....com>
>>---
>> drivers/tty/vt/consolemap.c | 1 +
>> 1 file changed, 1 insertion(+)
>>
>>diff --git a/drivers/tty/vt/consolemap.c b/drivers/tty/vt/consolemap.c
>>index d815ac98b39e..5279c3d27720 100644
>>--- a/drivers/tty/vt/consolemap.c
>>+++ b/drivers/tty/vt/consolemap.c
>>@@ -520,6 +520,7 @@ static int con_do_clear_unimap(struct vc_data *vc)
>> p->refcount++;
>> p->sum = 0;
>> con_release_unimap(p);
>>+ kfree(p);
You've just broken con_set_unimap(), or do I miss something?
>> }
>> return 0;
>> }
--
js
suse labs
Powered by blists - more mailing lists