| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230227112359.6df702e3@kernel.org>
Date: Mon, 27 Feb 2023 11:23:59 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Fedor Pchelkin <pchelkin@...ras.ru>
Cc: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>,
Guenter Roeck <groeck@...gle.com>,
Martin Faltesek <mfaltesek@...gle.com>,
Duoming Zhou <duoming@....edu.cn>,
Samuel Ortiz <sameo@...ux.intel.com>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
Alexey Khoroshilov <khoroshilov@...ras.ru>,
lvc-project@...uxtesting.org,
syzbot+df64c0a2e8d68e78a4fa@...kaller.appspotmail.com
Subject: Re: [PATCH] nfc: fix memory leak of se_io context in nfc_genl_se_io
On Sat, 25 Feb 2023 13:56:14 +0300 Fedor Pchelkin wrote:
> The callback context for sending/receiving APDUs to/from the selected
> secure element is allocated inside nfc_genl_se_io and supposed to be
> eventually freed in se_io_cb callback function. However, there are several
> error paths where the bwi_timer is not charged to call se_io_cb later, and
> the cb_context is leaked.
>
> The patch proposes to free the cb_context explicitly on those error paths.
>
> At the moment we can't simply check 'dev->ops->se_io()' return value as it
> may be negative in both cases: when the timer was charged and was not.
FWIW this patch has already been applied, please send the next changes
on top:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea
Powered by blists - more mailing lists