| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170919114808.pisr2lqenhtyisyj@unicorn.suse.cz>
Date: Tue, 19 Sep 2017 13:48:08 +0200
From: Michal Kubecek <mkubecek@...e.cz>
To: Hangbin Liu <liuhangbin@...il.com>
Cc: netdev@...r.kernel.org,
Stephen Hemminger <stephen@...workplumber.org>,
Phil Sutter <phil@....cc>
Subject: Re: [PATCHv2 iproute2 1/2] lib/libnetlink: re malloc buff if size is
not enough
On Tue, Sep 19, 2017 at 11:05:20AM +0800, Hangbin Liu wrote:
> On Mon, Sep 18, 2017 at 09:55:05AM +0200, Michal Kubecek wrote:
> > > @@ -471,19 +516,23 @@ int rtnl_dump_filter_l(struct rtnl_handle *rth,
> > >
> > > if (h->nlmsg_type == NLMSG_ERROR) {
> > > rtnl_dump_error(rth, h);
> > > + free(buf);
> > > return -1;
> > > }
> > >
> > > if (!rth->dump_fp) {
> > > err = a->filter(&nladdr, h, a->arg1);
> > > - if (err < 0)
> > > + if (err < 0) {
> > > + free(buf);
> > > return err;
> > > + }
> > > }
> > >
> > > skip_it:
> > > h = NLMSG_NEXT(h, msglen);
> > > }
> > > }
> > > + free(buf);
> >
> > We only free the last buffer returned by rtnl_recvmsg() this way.
> > IMHO this free(buf) should be moved inside the loop.
>
> Do you mean the outside while loop or the for loop? I think we could
> not put it inside the for loop, because we may need the buf multi
> times based on arg.
Sorry for the confusion, you are right, this part is correct. I misread
the indentation.
Michal Kubecek
Powered by blists - more mailing lists