lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJZ5v0jfoNqgKZj=vFN53B1GPOA88GWYrF61Yutqs=h8R3fZ4Q@mail.gmail.com>
Date: Tue, 14 May 2024 15:03:34 +0200
From: "Rafael J. Wysocki" <rafael@...nel.org>
To: Jiasheng Jiang <jiashengjiangcool@...look.com>
Cc: rafael@...nel.org, lenb@...nel.org, lv.zheng@...el.com, 
	rui.zhang@...el.com, linux-acpi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ACPI: scan: Add missing check for kstrdup()

On Sat, May 11, 2024 at 9:36 PM Jiasheng Jiang
<jiashengjiangcool@...look.com> wrote:
>
> Add check for the return value of kstrdup() in order to gurantee
> the success of allocation.
> Moreover, move the code forward to simplify the error handling.
>
> Fixes: ccf78040265b ("ACPI: Add _UID support for ACPI devices.")
> Signed-off-by: Jiasheng Jiang <jiashengjiangcool@...look.com>
> ---
>  drivers/acpi/scan.c | 12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/acpi/scan.c b/drivers/acpi/scan.c
> index d1464324de95..59246757a207 100644
> --- a/drivers/acpi/scan.c
> +++ b/drivers/acpi/scan.c
> @@ -1385,6 +1385,15 @@ static void acpi_set_pnp_ids(acpi_handle handle, struct acpi_device_pnp *pnp,
>                         return;
>                 }
>
> +               if (info->valid & ACPI_VALID_UID) {
> +                       pnp->unique_id = kstrdup(info->unique_id.string,
> +                                                       GFP_KERNEL);
> +                       if (!pnp->unique_id) {
> +                               kfree(info);
> +                               return;

No, this is not sufficient for the function to return.

> +                       }
> +               }
> +
>                 if (info->valid & ACPI_VALID_HID) {
>                         acpi_add_id(pnp, info->hardware_id.string);
>                         pnp->type.platform_id = 1;
> @@ -1398,9 +1407,6 @@ static void acpi_set_pnp_ids(acpi_handle handle, struct acpi_device_pnp *pnp,
>                         pnp->bus_address = info->address;
>                         pnp->type.bus_address = 1;
>                 }
> -               if (info->valid & ACPI_VALID_UID)
> -                       pnp->unique_id = kstrdup(info->unique_id.string,
> -                                                       GFP_KERNEL);

This is optional, so it can be NULL.

>                 if (info->valid & ACPI_VALID_CLS)
>                         acpi_add_id(pnp, info->class_code.string);
>
> --

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ