| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7ece353a-36a6-6154-97d9-b255728b9807@redhat.com>
Date: Fri, 9 Aug 2024 13:53:33 -0400 (EDT)
From: John Kacur <jkacur@...hat.com>
To: Steven Rostedt <rostedt@...dmis.org>
cc: Dan Carpenter <dan.carpenter@...aro.org>,
Daniel Bristot de Oliveira <bristot@...nel.org>,
"Luis Claudio R. Goncalves" <lgoncalv@...hat.com>,
Clark Williams <williams@...hat.com>, linux-trace-kernel@...r.kernel.org,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] rtla/osnoise: prevent NULL dereference in error
handling
On Fri, 9 Aug 2024, Steven Rostedt wrote:
> On Fri, 9 Aug 2024 13:34:28 -0400 (EDT)
> John Kacur <jkacur@...hat.com> wrote:
>
> > On Fri, 9 Aug 2024, Dan Carpenter wrote:
> >
> > > If the "tool->data" allocation fails then there is no need to call
> > > osnoise_free_top() and, in fact, doing so will lead to a NULL dereference.
> > >
> > > Fixes: 1eceb2fc2ca5 ("rtla/osnoise: Add osnoise top mode")
> > > Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
> > > ---
> > > tools/tracing/rtla/src/osnoise_top.c | 11 ++++-------
> > > 1 file changed, 4 insertions(+), 7 deletions(-)
> > >
> > > diff --git a/tools/tracing/rtla/src/osnoise_top.c b/tools/tracing/rtla/src/osnoise_top.c
> > > index f594a44df840..2f756628613d 100644
> > > --- a/tools/tracing/rtla/src/osnoise_top.c
> > > +++ b/tools/tracing/rtla/src/osnoise_top.c
> > > @@ -651,8 +651,10 @@ struct osnoise_tool *osnoise_init_top(struct osnoise_top_params *params)
> > > return NULL;
> > >
> > > tool->data = osnoise_alloc_top(nr_cpus);
> > > - if (!tool->data)
> > > - goto out_err;
> > > + if (!tool->data) {
> > > + osnoise_destroy_tool(tool);
> > > + return NULL;
> > > + }
> > >
> > > tool->params = params;
> > >
> > > @@ -660,11 +662,6 @@ struct osnoise_tool *osnoise_init_top(struct osnoise_top_params *params)
> > > osnoise_top_handler, NULL);
> > >
> > > return tool;
> > > -
> > > -out_err:
> > > - osnoise_free_top(tool->data);
> > > - osnoise_destroy_tool(tool);
> > > - return NULL;
> > > }
> > >
> > > static int stop_tracing;
> > > --
> >
> > Although your fix appears to be correct, I wonder if it would be better to
> > create a second error label, such as out_destroy_tool: as described in
> > section 7 of the coding-style.rst
> >
>
> There's no reason for that. It's the only error path. That is, nothing
> would jump to the original out_err:
>
> And for a single error, an if statement is good enough.
>
> -- Steve
>
>
Ah, right of course.
Okay in that case, Signed-off-by: John Kacur <jkacur@...hat.com>
(applied the patch, built and ran)
Powered by blists - more mailing lists