lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 23 Nov 2014 03:21:15 +0000
From:	Ben Hutchings <ben@...adent.org.uk>
To:	Jia-Ju Bai <baijiaju1990@....com>
Cc:	netdev@...r.kernel.org
Subject: Re: Potential bugs found in ne2k-pci+8390

On Sat, 2014-11-22 at 11:51 +0800, Jia-Ju Bai wrote:
> Dear Sir,
> I'm very sorry to trouble you. 
> Recently I test 15 linux device drivers and find some potential bugs both in
> Linux 3.8.6 and Linux 3.17.2. 
> 
> The target file is drivers/net/ethernet/8390/ne2k-pci.c, which is used to
> build ne2k-pci.ko. I hope you can help me check my findings:
> [1] The function request_region is called by ne2k_pci_init_one when
> initializing the ethernet card driver. But when request_region is failed,
> which means that it returns the error value, ne2k_pci_init_one returns
> immediately to halt the process. However, because pci_enable_device has been
> called before request_region in ne2k_pci_init_one, pci_disable_device should
> be called before exiting. When the driver works normally, pci_enable_device
> and pci_disable_device are called in pairs in ne2k_pci_init_one and
> ne2k_pci_remove_one. Moreover, other ethernet card drivers call
> pci_enable_device and pci_disable_device in pairs in error handling paths,
> such as r8169 and sky2.
> [2] The similar problem to [1] occurs when alloc_ei_netdev is failed in
> ne2k_pci_init_one.
> [3] The similar problem to [1] occurs when register_netdev is failed in
> ne2k_pci_init_one.
> 
> Could you help me check these findings? Thank you very much, and I'm looking
> forward to your reply.

I agree this is a real bug (or bugs).  You should send a patch to fix
this - see Documentation/SubmittingPatches.

Ben.

-- 
Ben Hutchings
Never put off till tomorrow what you can avoid all together.

Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ