lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Fri, 10 May 2024 11:28:58 -0300
From: Arnaldo Carvalho de Melo <acme@...nel.org>
To: Samasth Norway Ananda <samasth.norway.ananda@...cle.com>
Cc: namhyung@...nel.org, peterz@...radead.org, mingo@...hat.com,
	mark.rutland@....com, alexander.shishkin@...ux.intel.com,
	jolsa@...nel.org, irogers@...gle.com, adrian.hunter@...el.com,
	linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RESEND] perf daemon: Fix file leak in
 daemon_session__control

On Thu, May 09, 2024 at 05:34:24PM -0700, Samasth Norway Ananda wrote:
> The open() function returns -1 on error.
> 'control' and 'ack' both initialized with open() and further
> validated with 'if' statement. 'if (!control)' would evaluate
> to 'true' if returned value on error were '0' but it is actually '-1'.
> 
> Fixes: edcaa47958c7 ("perf daemon: Add 'ping' command")
> Signed-off-by: Samasth Norway Ananda <samasth.norway.ananda@...cle.com>

Thanks, applied to perf-tools-next,

- Arnaldo

> ---
> Found this error through static analysis. This has only been compile
> tested.
> ---
>  tools/perf/builtin-daemon.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/perf/builtin-daemon.c b/tools/perf/builtin-daemon.c
> index 83954af36753..de76bbc50bfb 100644
> --- a/tools/perf/builtin-daemon.c
> +++ b/tools/perf/builtin-daemon.c
> @@ -523,7 +523,7 @@ static int daemon_session__control(struct daemon_session *session,
>  		  session->base, SESSION_CONTROL);
>  
>  	control = open(control_path, O_WRONLY|O_NONBLOCK);
> -	if (!control)
> +	if (control < 0)
>  		return -1;
>  
>  	if (do_ack) {
> @@ -532,7 +532,7 @@ static int daemon_session__control(struct daemon_session *session,
>  			  session->base, SESSION_ACK);
>  
>  		ack = open(ack_path, O_RDONLY, O_NONBLOCK);
> -		if (!ack) {
> +		if (ack < 0) {
>  			close(control);
>  			return -1;
>  		}
> -- 
> 2.42.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ