lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKYAXd-ULRwKdDLs2XPwf6n9_HTHUJv1+aLmbWN5SqjUxw_xNQ@mail.gmail.com>
Date: Tue, 9 Jan 2024 22:46:30 +0900
From: Namjae Jeon <linkinjeon@...nel.org>
To: Fedor Pchelkin <pchelkin@...ras.ru>
Cc: Steve French <sfrench@...ba.org>, Sergey Senozhatsky <senozhatsky@...omium.org>, 
	Tom Talpey <tom@...pey.com>, Ronnie Sahlberg <lsahlber@...hat.com>, Hyunchul Lee <hyc.lee@...il.com>, 
	linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Alexey Khoroshilov <khoroshilov@...ras.ru>, lvc-project@...uxtesting.org
Subject: Re: [PATCH] ksmbd: free ppace array on error in parse_dacl

2024-01-09 22:34 GMT+09:00, Fedor Pchelkin <pchelkin@...ras.ru>:
> Free the ppace array if one of the init_acl_state() calls inside
> parse_dacl() fails. At the moment the function may fail only due to the
> memory allocation errors so it's highly unlikely in this case but
> nevertheless a fix is needed.
>
> Found by Linux Verification Center (linuxtesting.org).
>
> Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
> Signed-off-by: Fedor Pchelkin <pchelkin@...ras.ru>
> ---
>  fs/smb/server/smbacl.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/fs/smb/server/smbacl.c b/fs/smb/server/smbacl.c
> index 1164365533f0..e6d0537cab49 100644
> --- a/fs/smb/server/smbacl.c
> +++ b/fs/smb/server/smbacl.c
> @@ -406,11 +406,14 @@ static void parse_dacl(struct mnt_idmap *idmap,
>  		return;
>
>  	ret = init_acl_state(&acl_state, num_aces);
> -	if (ret)
> +	if (ret) {
> +		kfree(ppace);
>  		return;
> +	}
>  	ret = init_acl_state(&default_acl_state, num_aces);
>  	if (ret) {
>  		free_acl_state(&acl_state);
> +		kfree(ppace);
>  		return;
>  	}
Looks good to me.
But rather than this, How about moving ppace allocation here ?

Thanks for your patch.
>
> --
> 2.43.0
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ