lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aJsHZmHN2I712xX3@stanley.mountain>
Date: Tue, 12 Aug 2025 12:20:38 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Markus Elfring <Markus.Elfring@....de>
Cc: Scott Guo <scott_gzh@....com>,
	Phillip Lougher <phillip@...ashfs.org.uk>,
	Scott Guo <scottzhguo@...cent.com>,
	LKML <linux-kernel@...r.kernel.org>,
	kernel-janitors@...r.kernel.org
Subject: Re: squashfs: Avoid mem leak in squashfs_fill_super

On Tue, Aug 12, 2025 at 10:38:59AM +0200, Markus Elfring wrote:
> > Please, don't introduce more of those e_inval, e_nomem labels.
> 
> Would you find any other label identifiers more helpful for sharing
> error code assignments according to better exception handling?

Just assign "err = -EINVAL" before the goto everyone else does.

The common kernel error handling style is called an "unwind ladder".
Assigning the error code is not part of the unwind process and it
messes up the top rung of the unwind ladder.

//=================== Good =============================
	return 0;

err_free_thing:
	free(thing);
	return ret;

//=================== Bad ==============================
	return 0;

e_inval:
        ret = -EINVAL;
        free(something);
        return ret;

Now imagine you need to add a new free:

//=================== Good =============================
	return 0;

err_free_other_thing:
	free(other_thing);
err_free_thing:
	free(thing);
	return ret;

//=================== Bad ==============================
	return 0;

e_inval:
	ret = -EINVAL;
	goto fail;
free_other_thing:
	free(other_thing);
fail:
	free(something);
	return ret;

Also, in places which basically hardcode -EINVAL into of the unwind, then
it's pretty common for later updates to carry on returning -EINVAL even
when it's the wrong error code.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ