| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251121022728.3661-1-make24@iscas.ac.cn>
Date: Fri, 21 Nov 2025 10:27:28 +0800
From: Ma Ke <make24@...as.ac.cn>
To: krzk@...nel.org,
davem@...emloft.net,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
horms@...nel.org,
linville@...driver.com,
aloisio.almeida@...nbossa.org,
johannes@...solutions.net,
lauro.venancio@...nbossa.org,
sameo@...ux.intel.com
Cc: netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
akpm@...ux-foundation.org,
Ma Ke <make24@...as.ac.cn>,
stable@...r.kernel.org
Subject: [PATCH] NFC: Fix error handling in nfc_genl_dump_targets
nfc_genl_dump_targets() increments the device reference count via
nfc_get_device() but fails to decrement it properly. nfc_get_device()
calls class_find_device() which internally calls get_device() to
increment the reference count. No corresponding put_device() is made
to decrement the reference count.
Add proper reference count decrementing using nfc_put_device() when
the dump operation completes or encounters an error, ensuring balanced
reference counting.
Found by code review.
Cc: stable@...r.kernel.org
Fixes: 4d12b8b129f1 ("NFC: add nfc generic netlink interface")
Signed-off-by: Ma Ke <make24@...as.ac.cn>
---
net/nfc/netlink.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index a18e2c503da6..9ae138ee91dd 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -159,6 +159,11 @@ static int nfc_genl_dump_targets(struct sk_buff *skb,
cb->args[0] = i;
+ if (rc < 0 || i >= dev->n_targets) {
+ nfc_put_device(dev);
+ cb->args[1] = 0;
+ }
+
return skb->len;
}
--
2.17.1
Powered by blists - more mailing lists