lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240809134133.751723e5@gandalf.local.home>
Date: Fri, 9 Aug 2024 13:41:33 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: John Kacur <jkacur@...hat.com>
Cc: Dan Carpenter <dan.carpenter@...aro.org>, Daniel Bristot de Oliveira
 <bristot@...nel.org>, "Luis Claudio R. Goncalves" <lgoncalv@...hat.com>,
 Clark Williams <williams@...hat.com>, linux-trace-kernel@...r.kernel.org,
 linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] rtla/osnoise: prevent NULL dereference in error
 handling

On Fri, 9 Aug 2024 13:34:28 -0400 (EDT)
John Kacur <jkacur@...hat.com> wrote:

> On Fri, 9 Aug 2024, Dan Carpenter wrote:
> 
> > If the "tool->data" allocation fails then there is no need to call
> > osnoise_free_top() and, in fact, doing so will lead to a NULL dereference.
> > 
> > Fixes: 1eceb2fc2ca5 ("rtla/osnoise: Add osnoise top mode")
> > Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
> > ---
> >  tools/tracing/rtla/src/osnoise_top.c | 11 ++++-------
> >  1 file changed, 4 insertions(+), 7 deletions(-)
> > 
> > diff --git a/tools/tracing/rtla/src/osnoise_top.c b/tools/tracing/rtla/src/osnoise_top.c
> > index f594a44df840..2f756628613d 100644
> > --- a/tools/tracing/rtla/src/osnoise_top.c
> > +++ b/tools/tracing/rtla/src/osnoise_top.c
> > @@ -651,8 +651,10 @@ struct osnoise_tool *osnoise_init_top(struct osnoise_top_params *params)
> >  		return NULL;
> >  
> >  	tool->data = osnoise_alloc_top(nr_cpus);
> > -	if (!tool->data)
> > -		goto out_err;
> > +	if (!tool->data) {
> > +		osnoise_destroy_tool(tool);
> > +		return NULL;
> > +	}
> >  
> >  	tool->params = params;
> >  
> > @@ -660,11 +662,6 @@ struct osnoise_tool *osnoise_init_top(struct osnoise_top_params *params)
> >  				   osnoise_top_handler, NULL);
> >  
> >  	return tool;
> > -
> > -out_err:
> > -	osnoise_free_top(tool->data);
> > -	osnoise_destroy_tool(tool);
> > -	return NULL;
> >  }
> >  
> >  static int stop_tracing;
> > --   
> 
> Although your fix appears to be correct, I wonder if it would be better to 
> create a second error label, such as out_destroy_tool: as described in 
> section 7 of the coding-style.rst
> 

There's no reason for that. It's the only error path. That is, nothing
would jump to the original out_err:

And for a single error, an if statement is good enough.

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ