| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Feb 2021 15:19:59 +0100
From: Heiner Kallweit <hkallweit1@...il.com>
To: Vladimir Oltean <olteanv@...il.com>,
DENG Qingfang <dqfext@...il.com>
Cc: Linus Walleij <linus.walleij@...aro.org>,
Andrew Lunn <andrew@...n.ch>,
Vivien Didelot <vivien.didelot@...il.com>,
Florian Fainelli <f.fainelli@...il.com>,
"David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
netdev <netdev@...r.kernel.org>,
Mauri Sandberg <sandberg@...lfence.com>
Subject: Re: [PATCH] net: dsa: tag_rtl4_a: Support also egress tags
On 17.02.2021 13:42, Vladimir Oltean wrote:
> On Wed, Feb 17, 2021 at 08:38:30PM +0800, DENG Qingfang wrote:
>> On Wed, Feb 17, 2021 at 7:55 AM Linus Walleij <linus.walleij@...aro.org> wrote:
>>> +
>>> + /* Pad out to at least 60 bytes */
>>> + if (unlikely(eth_skb_pad(skb)))
>>> + return NULL;
>>
>> I just found that this will cause double free (eth_skb_pad will free
>> the skb if allocation fails, and dsa_slave_xmit will still try to free
>> it because it returns NULL.
>> Replace eth_skb_pad(skb) with __skb_put_padto(skb, ETH_ZLEN, false) to
>> avoid that.
>
That's really a pitfall. I had to do the same in r8169:
cc6528bc9a0c ("r8169: fix potential skb double free in an error path")
> Good catch, Qingfang.
>
Powered by blists - more mailing lists