| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 25 May 2024 03:46:12 +0800
From: Kuan-Wei Chiu <visitorckw@...il.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: jserv@...s.ncku.edu.tw, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tools/lib/slab: Fix potential NULL pointer dereference
in kmalloc()
On Fri, May 24, 2024 at 12:23:50PM -0700, Andrew Morton wrote:
> On Sat, 25 May 2024 03:14:59 +0800 Kuan-Wei Chiu <visitorckw@...il.com> wrote:
>
> > In kmalloc(), add a check to ensure that the pointer 'ret' is not NULL
> > before attempting to memset it when the __GFP_ZERO flag is set. This
> > prevents a potential NULL pointer dereference.
> >
> > ...
> >
> > --- a/tools/lib/slab.c
> > +++ b/tools/lib/slab.c
> > @@ -22,7 +22,7 @@ void *kmalloc(size_t size, gfp_t gfp)
> > uatomic_inc(&kmalloc_nr_allocated);
> > if (kmalloc_verbose)
> > printf("Allocating %p from malloc\n", ret);
> > - if (gfp & __GFP_ZERO)
> > + if (gfp & __GFP_ZERO && ret)
> > memset(ret, 0, size);
> > return ret;
> > }
>
> I suspect we have a lot of unchecked mallocs in our userspace code. If
> there's an argument for fixing them all(?) then it would be best to do
> this in a wholesale fashion rather than patch-at-a-time piecemeal.
>
It seems likely that I'm not the first to notice the unchecked mallocs
in our userspace code if they're indeed widespread. Are there specific
reasons or guidelines indicating when malloc checks are necessary, and
when they can be omitted?
Regards,
Kuan-Wei
Powered by blists - more mailing lists