| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000001d01816$a984e370$fc8eaa50$@163.com> Date: Mon, 15 Dec 2014 11:24:40 +0800 From: "Jia-Ju Bai" <baijiaju1990@....com> To: <netdev@...r.kernel.org> Subject: Potential bugs found in e100 Recently I test linux device drivers in Linux 3.17.2, and find some potential bugs. e100 driver: The target file is drivers/net/ethernet/intel/e100.c, which is used to build e100.ko. I hope you can help me check my findings: [1] The function pci_pool_create is called by e100_probe when initializing the ethernet card driver. But when pci_pool_create is failed, which means that it returns NULL to nic->cbs_pool, the system crash will happen. Because pci_pool_alloc (in e100_alloc_cbs in e100_up in e100_open) need to use nic->cbs_pool to allocate the resource, but it is NULL. I suggest that a check can be added in the code to detect whether pci_pool_create returns NULL. [2] In the normal process, netif_napi_add is called in e100_probe, but netif_napi_del is not called in e100_remove. However, many other ethernet card drivers call them in pairs, even in the error handling paths, such as r8169 and igb. Could you help me check these findings? Thank you very much, and I'm looking forward to your reply. -- Jia-Ju Bai -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists