Re: [PATCH] Possible memory leak inarch/cris/arch-v32/drivers/cryptocop.c

From: Jesper Nilsson
Date: Thu Jun 11 2009 - 13:32:24 EST


Hi,

I'm having trouble with this patch, it seems horribly whitespace damaged.
Also, this leak has already been reported (bugzilla 11363) and
fixed in our local repo.

The following patch is what I have queued for the CRIS-tree:

From: Jesper Nilsson <jesper.nilsson@xxxxxxxx>
Subject: [PATCH] CRISv32: Fix potential null reference in cryptocop driver.

The code didn't test the pointer to the newly allocated
memory, but a parameter sent in as value.
Since the input parameter was most often set, the code
would have used a null pointer if the kmalloc failed.
If the input parameter was not set, the code would
leak the allocated buffer.

http://bugzilla.kernel.org/show_bug.cgi?id=11363

Reported-by: Daniel MarjamÃki <danielm77@xxxxxxxx>
Signed-off-by: Jesper Nilsson <jesper.nilsson@xxxxxxxx>
---
arch/cris/arch-v32/drivers/cryptocop.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/cris/arch-v32/drivers/cryptocop.c b/arch/cris/arch-v32/drivers/cryptocop.c
index 67c61ea..fd529a0 100644
--- a/arch/cris/arch-v32/drivers/cryptocop.c
+++ b/arch/cris/arch-v32/drivers/cryptocop.c
@@ -1395,7 +1395,7 @@ static int create_md5_pad(int alloc_flag, unsigned long long hashed_length, char
if (padlen < MD5_MIN_PAD_LENGTH) padlen += MD5_BLOCK_LENGTH;

p = kmalloc(padlen, alloc_flag);
- if (!pad) return -ENOMEM;
+ if (!p) return -ENOMEM;

*p = 0x80;
memset(p+1, 0, padlen - 1);
@@ -1427,7 +1427,7 @@ static int create_sha1_pad(int alloc_flag, unsigned long long hashed_length, cha
if (padlen < SHA1_MIN_PAD_LENGTH) padlen += SHA1_BLOCK_LENGTH;

p = kmalloc(padlen, alloc_flag);
- if (!pad) return -ENOMEM;
+ if (!p) return -ENOMEM;

*p = 0x80;
memset(p+1, 0, padlen - 1);
--
1.6.1

On Thu, Jun 11, 2009 at 06:30:17PM +0200, Giangiacomo Mariotti wrote:
> From ee8e71f0ae1356b324906efc8e858b29025c60ef Mon Sep 17 00:00:00 2001
> From: Giangiacomo Mariotti <giangiacomo.mariotti@xxxxxxxxx>
> Date: Thu, 11 Jun 2009 18:13:52 +0200
> Subject: [PATCH] Possible mem leak
>
> ---
> arch/cris/arch-v32/drivers/cryptocop.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/cris/arch-v32/drivers/cryptocop.c
> b/arch/cris/arch-v32/drivers/cryptocop.c
> index 67c61ea..fd529a0 100644
> --- a/arch/cris/arch-v32/drivers/cryptocop.c
> +++ b/arch/cris/arch-v32/drivers/cryptocop.c
> @@ -1395,7 +1395,7 @@ static int create_md5_pad(int alloc_flag,
> unsigned long long hashed_length, char
> if (padlen < MD5_MIN_PAD_LENGTH) padlen += MD5_BLOCK_LENGTH;
>
> p = kmalloc(padlen, alloc_flag);
> - if (!pad) return -ENOMEM;
> + if (!p) return -ENOMEM;
>
> *p = 0x80;
> memset(p+1, 0, padlen - 1);
> @@ -1427,7 +1427,7 @@ static int create_sha1_pad(int alloc_flag,
> unsigned long long hashed_length, cha
> if (padlen < SHA1_MIN_PAD_LENGTH) padlen += SHA1_BLOCK_LENGTH;
>
> p = kmalloc(padlen, alloc_flag);
> - if (!pad) return -ENOMEM;
> + if (!p) return -ENOMEM;
>
> *p = 0x80;
> memset(p+1, 0, padlen - 1);
> --
>
> --
> You highest men whom my eyes have seen, this is my doubt about you and
> my secret laughter: I guess that you would call my overmanâdevil!
> What is great is so alien to your souls that the overman would be
> terrifying to you in his goodness ...
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/

/^JN - Jesper Nilsson
--
Jesper Nilsson -- jesper.nilsson@xxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/