| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Oct 2023 19:00:20 -0700 From: Stephen Boyd <sboyd@...nel.org> To: Ma Ke <make_ruc2021@....com>, mchehab+huawei@...nel.org Cc: linux-kernel@...r.kernel.org, Ma Ke <make_ruc2021@....com> Subject: Re: [PATCH] spmi: hisi-spmi-controller: fix potential memory leak in spmi_controller_probe() Quoting Ma Ke (2023-09-21 19:52:16) > spmi_controller_alloc() allocates a memory space for ctrl. When some > errors occur, ctrl should be handled by spmi_controller_put() and set > spmi_controller->controller = NULL because spmi_controller->controller > has a dangling pointer to the freed memory. When the failure happens, > the function returns without calling spmi_controller_put() and setting > spmi_controller->controller = NULL, which will lead to a memory leak. > > When the failure happens, we can fix it by calling spmi_controller_put() > and setting spmi_controller->controller = NULL in all of the places > where we call spmi_controller_put(). > > Signed-off-by: Ma Ke <make_ruc2021@....com> > --- > drivers/spmi/hisi-spmi-controller.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/spmi/hisi-spmi-controller.c b/drivers/spmi/hisi-spmi-controller.c > index 9cbd473487cb..5b3cfa7f5056 100644 > --- a/drivers/spmi/hisi-spmi-controller.c > +++ b/drivers/spmi/hisi-spmi-controller.c > @@ -321,6 +321,7 @@ static int spmi_controller_probe(struct platform_device *pdev) > > err_put_controller: > spmi_controller_put(ctrl); > + spmi_controller->controller = NULL; The controller will most likely be freed after the put call one line above so this will oops. No thanks.
Powered by blists - more mailing lists