lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZIlzgEZCTHmoMm8c@kekkonen.localdomain>
Date:   Wed, 14 Jun 2023 08:00:00 +0000
From:   Sakari Ailus <sakari.ailus@...ux.intel.com>
To:     Christophe JAILLET <christophe.jaillet@...adoo.fr>
Cc:     Mauro Carvalho Chehab <mchehab@...nel.org>,
        linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org,
        linux-media@...r.kernel.org
Subject: Re: [PATCH] media: v4l2-core: Fix a potential resource leak in
 v4l2_fwnode_parse_link()

Hi Christophe,

On Tue, Jun 13, 2023 at 07:15:40PM +0200, Christophe JAILLET wrote:
> Le 13/06/2023 à 12:55, Sakari Ailus a écrit :
> > Hi Christophe,
> > 
> > On Mon, May 29, 2023 at 08:17:18AM +0200, Christophe JAILLET wrote:
> > > 'fwnode is known to be NULL, at this point, so fwnode_handle_put() is a
> > > no-op.
> > > 
> > > Release the reference taken from a previous fwnode_graph_get_port_parent()
> > > call instead.
> > > 
> > > Fixes: ca50c197bd96 ("[media] v4l: fwnode: Support generic fwnode for parsing standardised properties")
> > > Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
> > > ---
> > > /!\  THIS PATCH IS SPECULATIVE  /!\
> > >           review with care
> > > ---
> > >   drivers/media/v4l2-core/v4l2-fwnode.c | 2 +-
> > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/drivers/media/v4l2-core/v4l2-fwnode.c b/drivers/media/v4l2-core/v4l2-fwnode.c
> > > index 049c2f2001ea..b7dd467c53fd 100644
> > > --- a/drivers/media/v4l2-core/v4l2-fwnode.c
> > > +++ b/drivers/media/v4l2-core/v4l2-fwnode.c
> > > @@ -571,7 +571,7 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode,
> > >   	fwnode = fwnode_graph_get_remote_endpoint(fwnode);
> > >   	if (!fwnode) {
> > > -		fwnode_handle_put(fwnode);
> > > +		fwnode_handle_put(link->local_node);
> > 
> > link->local_node also needs to be non-NULL for the successful case. The
> > condition should take that into account. Could you send v2 with that?
> > 
> > >   		return -ENOLINK;
> > >   	}
> > 
> 
> Hi,
> something like below?

Ah, remote_node must be non-NULL, too, indeed. It was surprisingly broken.

> 
> @@ -568,19 +568,25 @@ int v4l2_fwnode_parse_link(struct fwnode_handle
> *fwnode,
>  	link->local_id = fwep.id;
>  	link->local_port = fwep.port;
>  	link->local_node = fwnode_graph_get_port_parent(fwnode);
> +	if (!link->local_node)
> +		return -ENOLINK;
> 
>  	fwnode = fwnode_graph_get_remote_endpoint(fwnode);
> -	if (!fwnode) {
> -		fwnode_handle_put(fwnode);
> -		return -ENOLINK;
> -	}
> +	if (!fwnode)
> +		goto err_put_local_node;

On error, fwnode needs to be put from this onwards, too.

But you can use a single label: fwnode_handle_put() is NULL-safe.

> 
>  	fwnode_graph_parse_endpoint(fwnode, &fwep);
>  	link->remote_id = fwep.id;
>  	link->remote_port = fwep.port;
>  	link->remote_node = fwnode_graph_get_port_parent(fwnode);
> +	if (!link->remote_node)
> +		goto err_put_local_node;
> 
>  	return 0;
> +
> +err_put_local_node:
> +	fwnode_handle_put(link->local_node);
> +	return -ENOLINK;
>  }
>  EXPORT_SYMBOL_GPL(v4l2_fwnode_parse_link);

-- 
Kind regards,

Sakari Ailus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ