lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20221125101047.6772413447785430ccbf8046@kernel.org>
Date:   Fri, 25 Nov 2022 10:10:47 +0900
From:   Masami Hiramatsu (Google) <mhiramat@...nel.org>
To:     Beau Belgrave <beaub@...ux.microsoft.com>
Cc:     rostedt@...dmis.org, linux-trace-devel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tracing/user_events: Fix call print_fmt leak

On Wed, 23 Nov 2022 10:32:48 -0800
Beau Belgrave <beaub@...ux.microsoft.com> wrote:

> If user_event_trace_register() fails within user_event_parse() the
> call's print_fmt member is not freed. Add kfree call to fix this.
> 
> Fixes: aa3b2b4c6692 ("user_events: Add print_fmt generation support for basic types")
> Signed-off-by: Beau Belgrave <beaub@...ux.microsoft.com>

This looks good to me.

Acked-by: Masami Hiramatsu (Google) <mhiramat@...nel.org>

Thank you!

> ---
>  kernel/trace/trace_events_user.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
> index ae78c2d53c8a..b46844736015 100644
> --- a/kernel/trace/trace_events_user.c
> +++ b/kernel/trace/trace_events_user.c
> @@ -1357,6 +1357,7 @@ static int user_event_parse(struct user_event_group *group, char *name,
>  put_user:
>  	user_event_destroy_fields(user);
>  	user_event_destroy_validators(user);
> +	kfree(user->call.print_fmt);
>  	kfree(user);
>  	return ret;
>  }
> -- 
> 2.25.1
> 


-- 
Masami Hiramatsu (Google) <mhiramat@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ