lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <21f94a25-949a-1a6a-2ba2-59c829edeb04@codeaurora.org>
Date:   Fri, 22 Mar 2019 17:22:03 +0530
From:   Mukesh Ojha <mojha@...eaurora.org>
To:     Yue Haibing <yuehaibing@...wei.com>, davem@...emloft.net,
        gerrit@....abdn.ac.uk
Cc:     linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
        dccp@...r.kernel.org
Subject: Re: [PATCH] dccp: Fix memleak in __feat_register_sp


On 3/21/2019 7:40 PM, Yue Haibing wrote:
> From: YueHaibing <yuehaibing@...wei.com>
>
> If dccp_feat_push_change fails, we forget free the mem
> which is alloced by kmemdup in dccp_feat_clone_sp_val.
>
> Reported-by: Hulk Robot <hulkci@...wei.com>
> Fixes: e8ef967a54f4 ("dccp: Registration routines for changing feature values")
> Signed-off-by: YueHaibing <yuehaibing@...wei.com>
> ---
>   net/dccp/feat.c | 7 ++++++-
>   1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/net/dccp/feat.c b/net/dccp/feat.c
> index f227f00..083e012 100644
> --- a/net/dccp/feat.c
> +++ b/net/dccp/feat.c
> @@ -738,7 +738,12 @@ static int __feat_register_sp(struct list_head *fn, u8 feat, u8 is_local,
>   	if (dccp_feat_clone_sp_val(&fval, sp_val, sp_len))
>   		return -ENOMEM;
>   
> -	return dccp_feat_push_change(fn, feat, is_local, mandatory, &fval);
> +	if (dccp_feat_push_change(fn, feat, is_local, mandatory, &fval)) {
> +		kfree(val->sp.vec);

Please atleast check the compilation first, don't  just rush into 
sending patch.

s/val/fval


Thanks,
Mukesh

> +		return -ENOMEM;
> +	}
> +
> +	return 0;
>   }
>   
>   /**

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ