| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Jul 2023 08:39:26 +0300
From: Leon Romanovsky <leon@...nel.org>
To: Zhengchao Shao <shaozhengchao@...wei.com>
Cc: netdev@...r.kernel.org, linux-rdma@...r.kernel.org, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
borisp@...dia.com, saeedm@...dia.com, raeds@...dia.com,
ehakim@...dia.com, liorna@...dia.com, nathan@...nel.org,
weiyongjun1@...wei.com, yuehaibing@...wei.com
Subject: Re: [PATCH net] net/mlx5e: fix double free in
macsec_fs_tx_create_crypto_table_groups
On Tue, Jul 04, 2023 at 03:06:40PM +0800, Zhengchao Shao wrote:
> In function macsec_fs_tx_create_crypto_table_groups(), when the ft->g
> memory is successfully allocated but the 'in' memory fails to be
> allocated, the memory pointed to by ft->g is released once. And in function
> macsec_fs_tx_create(), macsec_fs_tx_destroy() is called to release the
> memory pointed to by ft->g again. This will cause double free problem.
This is perfect example, why it is anti-pattern to have one global
destroy function like macsec_fs_tx_destroy(), which hides multiple
class of errors: wrong release order, double free e.t.c
>
> Fixes: e467b283ffd5 ("net/mlx5e: Add MACsec TX steering rules")
> Signed-off-by: Zhengchao Shao <shaozhengchao@...wei.com>
> ---
> drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec_fs.c | 1 +
> 1 file changed, 1 insertion(+)
>
Thanks,
Reviewed-by: Leon Romanovsky <leonro@...dia.com>
Powered by blists - more mailing lists