lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <mvmv8rll2yn.fsf@suse.de>
Date:   Mon, 25 Jul 2022 15:46:40 +0200
From:   Andreas Schwab <schwab@...e.de>
To:     Daniel Bristot de Oliveira <bristot@...nel.org>
Cc:     Steven Rostedt <rostedt@...dmis.org>,
        linux-trace-devel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rtla: fix double free

On Jul 25 2022, Daniel Bristot de Oliveira wrote:

> Hi Andreas
>
> On 7/25/22 15:10, Andreas Schwab wrote:
>> Don't call trace_instance_destroy in trace_instance_init when it fails,
>> this is done by the caller.
>
> Regarding the Subject, are you seeing a double-free error, or it is just an
> optimization?

A double free nowadays is almost always an error, due to better malloc
checking.

> AFAICS, trace_instance_destroy() checks the pointers before calling free().

That doesn't help when the pointer is not cleared afterwards.  Do you
prefer that?

> Why am I asking? because if it is a double-free bug, we need to add the "Fixes:"
> tag,

It's the first time I tried running rtla, so I don't know whether it is
a regression, but from looking at the history it appears to have been
introduced already in commit 0605bf009f18 ("rtla: Add osnoise tool")

-- 
Andreas Schwab, SUSE Labs, schwab@...e.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ