lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Yy79m+NcW2tmbH5E@kroah.com>
Date:   Sat, 24 Sep 2022 14:52:43 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
Cc:     linux-kernel@...r.kernel.org,
        Gaosheng Cui <cuigaosheng1@...wei.com>, stable@...r.kernel.org
Subject: Re: [PATCH] nvmem: core: Fix memleak in nvmem_register()

On Fri, Sep 16, 2022 at 01:04:02PM +0100, Srinivas Kandagatla wrote:
> From: Gaosheng Cui <cuigaosheng1@...wei.com>
> 
> dev_set_name will alloc memory for nvmem->dev.kobj.name in
> nvmem_register, when nvmem_validate_keepouts failed, nvmem's
> memory will be freed and return, but nobody will free memory
> for nvmem->dev.kobj.name, there will be memleak, so moving
> nvmem_validate_keepouts() after device_register() and let
> the device core deal with cleaning name in error cases.
> 
> Fixes: de0534df9347 ("nvmem: core: fix error handling while validating keepout regions")
> Cc: stable@...r.kernel.org
> Signed-off-by: Gaosheng Cui <cuigaosheng1@...wei.com>
> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
> ---
> Hi Greg,
> 
> Here is a fix in nvmem core which can possibly go in next rc.
> Could you please pick this up.

I missed this for 6.0-final, but as it's only on a not-ever-hit error
path, it can wait for 6.1-rc1.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ