lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Yp961zPy064+ouF0@sirena.org.uk>
Date:   Tue, 7 Jun 2022 17:20:39 +0100
From:   Mark Brown <broonie@...nel.org>
To:     Xiaohui Zhang <xiaohuizhang@....edu.cn>
Cc:     linux-spi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] spi: fix use after free in of_spi_notify

On Tue, Jun 07, 2022 at 11:52:33PM +0800, Xiaohui Zhang wrote:
> We can't use "ctlr->dev" after it has been freed.

>  		spi = of_register_spi_device(ctlr, rd->dn);
> -		put_device(&ctlr->dev);
>  
>  		if (IS_ERR(spi)) {
>  			pr_err("%s: failed to create for '%pOF'\n",
>  					__func__, rd->dn);
> +			put_device(&ctlr->dev);
>  			of_node_clear_flag(rd->dn, OF_POPULATED);
>  			return notifier_from_errno(PTR_ERR(spi));
>  		}
> +		put_device(&ctlr->dev);
>  		break;

Could you be more explicit about where the problematic use of ctlr->dev
is please?

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ