lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 13 May 2020 10:05:00 +0300
From:   Kalle Valo <kvalo@...eaurora.org>
To:     Brian Norris <briannorris@...omium.org>
Cc:     Navid Emamdoost <navid.emamdoost@...il.com>, emamd001@....edu,
        smccaman@....edu, Kangjie Lu <kjlu@....edu>,
        QCA ath9k Development <ath9k-devel@....qualcomm.com>,
        "David S. Miller" <davem@...emloft.net>,
        linux-wireless <linux-wireless@...r.kernel.org>,
        "\<netdev\@vger.kernel.org\>" <netdev@...r.kernel.org>,
        Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] ath9k: release allocated buffer if timed out

Brian Norris <briannorris@...omium.org> writes:

> On Fri, Sep 6, 2019 at 11:59 AM Navid Emamdoost
> <navid.emamdoost@...il.com> wrote:
>>
>> In ath9k_wmi_cmd, the allocated network buffer needs to be released
>> if timeout happens. Otherwise memory will be leaked.
>>
>> Signed-off-by: Navid Emamdoost <navid.emamdoost@...il.com>
>
> I wonder, did you actually test your patches? I ask, because it seems
> that all your patches are of the same mechanical variety (produced by
> some sort of research project?), and if I look around a bit, I see
> several mistakes and regressions noted on your other patches. And
> recently, I see someone reporting a 5.4 kernel regression, which looks
> a lot like it was caused by this patch:
>
> https://bugzilla.kernel.org/show_bug.cgi?id=207703#c1
>
> I'll propose a revert, if there's no evidence this was actually tested
> or otherwise confirmed to fix a real bug.

Actually it's already reverted in -next, nobody just realised that it's
a regression from commit 728c1e2a05e4:

ced21a4c726b ath9k: Fix use-after-free Read in htc_connect_service

v5.8-rc1 should be the first release having the fix.

-- 
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches

Powered by blists - more mailing lists