| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YtJ1mthCP+4laqOn@kroah.com>
Date: Sat, 16 Jul 2022 10:23:54 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Gaosheng Cui <cuigaosheng1@...wei.com>
Cc: srinivas.kandagatla@...aro.org, linux-kernel@...r.kernel.org,
gongruiqi1@...wei.com, wangweiyang2@...wei.com
Subject: Re: [PATCH -next] nvmem: core: Fix memleak in nvmem_register()
On Sat, Jul 16, 2022 at 03:53:52PM +0800, Gaosheng Cui wrote:
> dev_set_name will alloc memory for nvmem->dev.kobj.name in
> nvmem_register, when nvmem_validate_keepouts failed, nvmem's
> memory will be freed and return, but nobody will free memory
> for nvmem->dev.kobj.name, there will be memleak, so using
> kfree_const(nvmem->dev.kobj.name) to fix it.
>
> Fixes: de0534df9347 ("nvmem: core: fix error handling while validating keepout regions")
> Signed-off-by: Gaosheng Cui <cuigaosheng1@...wei.com>
> ---
> drivers/nvmem/core.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/nvmem/core.c b/drivers/nvmem/core.c
> index 1e3c754efd0d..6c75c9afa5f3 100644
> --- a/drivers/nvmem/core.c
> +++ b/drivers/nvmem/core.c
> @@ -833,6 +833,7 @@ struct nvmem_device *nvmem_register(const struct nvmem_config *config)
> rval = nvmem_validate_keepouts(nvmem);
> if (rval) {
> ida_free(&nvmem_ida, nvmem->id);
> + kfree_const(nvmem->dev.kobj.name);
> kfree(nvmem);
Something is really wrong, you should never be touching the name pointer
of a kobject directly like this. Also the device structure itself
should be cleaning up the memory, not a kfree. So this feels wrong...
greg k-h
Powered by blists - more mailing lists