lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1360058766.8376.3.camel@jlt4.sipsolutions.net>
Date:	Tue, 05 Feb 2013 11:06:06 +0100
From:	Johannes Berg <johannes@...solutions.net>
To:	Larry Finger <Larry.Finger@...inger.net>, mcgrof@...not-panic.com
Cc:	linville@...driver.com, linux-wireless@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: [PATCH] cfg80211: Fix memory leak

On Mon, 2013-02-04 at 15:33 -0600, Larry Finger wrote:
> From: Johannes Berg <johannes@...solutions.net>
> 
> When a driver requests a specific regulatory domain after cfg80211 already
> has one, a struct ieee80211_regdomain is leaked.

Thanks Larry!

> Johannes,
> 
> I added a From: for you as the content of this patch is yours.

I changed it back, it's really your patch, I only suggested a bit of the
code :-)

> --- a/net/wireless/reg.c
> +++ b/net/wireless/reg.c
> @@ -2189,10 +2189,14 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
>  		 * However if a driver requested this specific regulatory
>  		 * domain we keep it for its private use
>  		 */
> -		if (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER)
> +		if (lr->initiator == NL80211_REGDOM_SET_BY_DRIVER) {
> +			const struct ieee80211_regdomain *tmp =
> +						get_wiphy_regdom(request_wiphy);
>  			rcu_assign_pointer(request_wiphy->regd, rd);
> -		else
> +			rcu_free_regdom(tmp);

Luis, when you get back can you please audit the other places? I'm not
convinced that there aren't more places that need to free the regdom,
but I don't really want to dig into the code right now.

johannes

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ