lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 May 2020 22:24:53 -0500 From: Navid Emamdoost <navid.emamdoost@...il.com> To: Brian Norris <briannorris@...omium.org> Cc: Navid Emamdoost <emamd001@....edu>, Stephen McCamant <smccaman@....edu>, Kangjie Lu <kjlu@....edu>, QCA ath9k Development <ath9k-devel@....qualcomm.com>, Kalle Valo <kvalo@...eaurora.org>, "David S. Miller" <davem@...emloft.net>, linux-wireless <linux-wireless@...r.kernel.org>, "<netdev@...r.kernel.org>" <netdev@...r.kernel.org>, Linux Kernel <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] ath9k: release allocated buffer if timed out Hi Brian, On Tue, May 12, 2020 at 11:57 AM Brian Norris <briannorris@...omium.org> wrote: > > On Fri, Sep 6, 2019 at 11:59 AM Navid Emamdoost > <navid.emamdoost@...il.com> wrote: > > > > In ath9k_wmi_cmd, the allocated network buffer needs to be released > > if timeout happens. Otherwise memory will be leaked. > > > > Signed-off-by: Navid Emamdoost <navid.emamdoost@...il.com> > > I wonder, did you actually test your patches? I ask, because it seems > that all your patches are of the same mechanical variety (produced by > some sort of research project?), and if I look around a bit, I see I found this via static analysis and as a result, did had the inputs to test it with (like the way fuzzing works). It may be beneficial if you could point me to any testing infrastructure that you use or are aware of for future cases. > several mistakes and regressions noted on your other patches. And > recently, I see someone reporting a 5.4 kernel regression, which looks > a lot like it was caused by this patch: > > https://bugzilla.kernel.org/show_bug.cgi?id=207703#c1 > > I'll propose a revert, if there's no evidence this was actually tested > or otherwise confirmed to fix a real bug. > > Brian -- Navid.
Powered by blists - more mailing lists