| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251220134230.712676-1-lihaoxiang@isrc.iscas.ac.cn> Date: Sat, 20 Dec 2025 21:42:30 +0800 From: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn> To: chleroy@...nel.org Cc: alex.bou9@...il.com, lihaoxiang@...c.iscas.ac.cn, linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, maddy@...ux.ibm.com, mpe@...erman.id.au, mporter@...nel.crashing.org, npiggin@...il.com Subject: Re: [PATCH] powerpc/fsl_rio: fix a improper release in fsl_rio_setup() On Sat, 20 Dec 2025 11:45:10 +0100, Christophe Leroy wrote: > Your explanation is unclear. It is correct that put_device() is the > correct way to drop the device reference, and it is already what > rio_register_mport() does. Why do you need to move it out of > rio_register_mport() ? This is what you have to explain. Sorry for the unclear changelog. I think if device_register() in rio_register_mport() fails, put_device() is already called. Then, the error path in fsl_rio_setup() also kfree() the port. I suspected a potential double-free issue here, although I am unsure whether this interpretation is correct. > AI code review or human code review ? Human review. > Why do you remove this kfree() ? By doing this you will leak the port > pointer allocated earlier in the loop by kzalloc() I just thought after device_register(), the cleanup should be done by put_device(). I would appreciate your clarification. Thanks, Haoxiang Li
Powered by blists - more mailing lists