Re: [PATCH v2] ieee802154: hwsim: Fix memory leak in hwsim_add_one

From: Alexander Aring
Date: Tue Jun 22 2021 - 14:30:01 EST

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH RFC 04/11] perf script: Add API for filtering via dynamically loaded shared object"
Previous message: Linus Torvalds: "Re: Do we need to unrevert "fs: do not prefault sys_write() user buffer pages"?"
Next in thread: Stefan Schmidt: "Re: [PATCH v2] ieee802154: hwsim: Fix memory leak in hwsim_add_one"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Tue, 15 Jun 2021 at 22:09, Dongliang Mu <mudongliangabcd@xxxxxxxxx> wrote:
>
> No matter from hwsim_remove or hwsim_del_radio_nl, hwsim_del fails to
> remove the entry in the edges list. Take the example below, phy0, phy1
> and e0 will be deleted, resulting in e1 not freed and accessed in the
> future.
>
> hwsim_phys
> |
> ------------------------------
> | |
> phy0 (edges) phy1 (edges)
> ----> e1 (idx = 1) ----> e0 (idx = 0)
>
> Fix this by deleting and freeing all the entries in the edges list
> between hwsim_edge_unsubscribe_me and list_del(&phy->list).
>
> Reported-by: syzbot+b80c9959009a9325cdff@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 1c9f4a3fce77 ("ieee802154: hwsim: fix rcu handling")
> Signed-off-by: Dongliang Mu <mudongliangabcd@xxxxxxxxx>

Acked-by: Alexander Aring <aahringo@xxxxxxxxxx>

Thanks!

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH RFC 04/11] perf script: Add API for filtering via dynamically loaded shared object"
Previous message: Linus Torvalds: "Re: Do we need to unrevert "fs: do not prefault sys_write() user buffer pages"?"
Next in thread: Stefan Schmidt: "Re: [PATCH v2] ieee802154: hwsim: Fix memory leak in hwsim_add_one"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]