| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071126123609.GA27228@gondor.apana.org.au>
Date: Mon, 26 Nov 2007 20:36:09 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Pavel Emelyanov <xemul@...nvz.org>
Cc: Linux Netdev List <netdev@...r.kernel.org>, devel@...nvz.org
Subject: Re: [PATCH] Fix memory leak in inet_hashtables.h when NUMA is on
On Fri, Nov 23, 2007 at 07:13:11PM +0300, Pavel Emelyanov wrote:
> The inet_ehash_locks_alloc() looks like this:
>
> #ifdef CONFIG_NUMA
> if (size > PAGE_SIZE)
> x = vmalloc(...);
> else
> #endif
> x = kmalloc(...);
>
> Unlike it, the inet_ehash_locks_alloc() looks like this:
>
> #ifdef CONFIG_NUMA
> if (size > PAGE_SIZE)
> vfree(x);
> else
> #else
> kfree(x);
> #endif
>
> The error is obvious - if the NUMA is on and the size
> is less than the PAGE_SIZE we leak the pointer (kfree is
> inside the #else branch).
>
> Compiler doesn't warn us because after the kfree(x) there's
> a "x = NULL" assignment, so here's another (minor?) bug: we
> don't set x to NULL under certain circumstances.
>
> Boring explanation, I know... Patch explains it better.
>
> Signed-off-by: Pavel Emelyanov <xemul@...nvz.org>
Good catch! Applied to net-2.6. Thanks.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists