lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200422102808.9197-3-jhs@emojatatu.com>
Date:   Wed, 22 Apr 2020 06:28:08 -0400
From:   Jamal Hadi Salim <jhs@...atatu.com>
To:     stephen@...workplumber.org
Cc:     netdev@...r.kernel.org, dsahern@...il.com, aclaudi@...hat.com,
        daniel@...earbox.net, asmadeus@...ewreck.org,
        Jamal Hadi Salim <hadi@...atatu.com>,
        Jamal Hadi Salim <jhs@...atatu.com>
Subject: [PATCH iproute2 v2 2/2] bpf: Fix mem leak and extraneous free() in error path

From: Jamal Hadi Salim <hadi@...atatu.com>

Fixes: c0325b06382 ("bpf: replace snprintf with asprintf when dealing with long buffers")
Signed-off-by: Jamal Hadi Salim <jhs@...atatu.com>
---
 lib/bpf.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/bpf.c b/lib/bpf.c
index 656cad02..fdcede1c 100644
--- a/lib/bpf.c
+++ b/lib/bpf.c
@@ -1523,13 +1523,15 @@ static int bpf_make_custom_path(const struct bpf_elf_ctx *ctx,
 	ret = asprintf(&rem, "%s/", todo);
 	if (ret < 0) {
 		fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
-		goto out;
+		return ret;
 	}
 
 	sub = strtok(rem, "/");
 	while (sub) {
-		if (strlen(tmp) + strlen(sub) + 2 > PATH_MAX)
-			return -EINVAL;
+		if (strlen(tmp) + strlen(sub) + 2 > PATH_MAX) {
+			ret = -EINVAL;
+			goto out;
+		}
 
 		strcat(tmp, sub);
 		strcat(tmp, "/");
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ