lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 20 Jul 2022 11:24:59 +0400
From:   Denis Efremov <denis.e.efremov@...cle.com>
To:     Martin Faltesek <mfaltesek@...gle.com>, kuba@...nel.org,
        krzysztof.kozlowski@...aro.org
Cc:     christophe.ricard@...il.com, gregkh@...uxfoundation.org,
        groeck@...gle.com, jordy@...ing.systems, krzk@...nel.org,
        martin.faltesek@...il.com, netdev@...r.kernel.org,
        linux-nfc@...ts.01.org, sameo@...ux.intel.com, wklin@...gle.com,
        theflamefire89@...il.com
Subject: Re: [PATCH net v3 0/3] Split "nfc: st21nfca: Refactor
 EVT_TRANSACTION" into 3

Hi,

On 6/7/22 06:57, Martin Faltesek wrote:
> 
> Martin Faltesek (3):
>   nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
>   nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
>   nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
> 
>  drivers/nfc/st21nfca/se.c | 53 ++++++++++++++++++++++-----------------
>  1 file changed, 30 insertions(+), 23 deletions(-)


It looks like driver st-nci contains the same problems and all 3 fixes are
also applicable to st_nci_hci_connectivity_event_received() function.
At least I can see the memory leak
https://elixir.bootlin.com/linux/v5.19-rc7/source/drivers/nfc/st-nci/se.c#L343

Can you please double check the st-nci driver and send the same fixes to it?
Reported-by: Denis Efremov <denis.e.efremov@...cle.com>

Thanks,
Denis

Powered by blists - more mailing lists