Re: [PATCH -v3 3/3] resource, kunit: Add test case for region_intersects()

From: Kees Bakker
Date: Mon Sep 30 2024 - 13:36:44 EST

Next message: Javier Carrasco: "Re: [PATCH v3 0/5] selftests: gitignore and clean target file additions"
Previous message: Christian Theune: "Re: Known and unfixed active data loss bug in MM + XFS with large folios since Dec 2021 (any kernel from 6.1 upwards)"
In reply to: Huang, Ying: "Re: [PATCH -v3 3/3] resource, kunit: Add test case for region_intersects()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Op 30-09-2024 om 02:53 schreef Huang, Ying:

Kees Bakker <kees@xxxxxxxxxxxx> writes:

Op 06-09-2024 om 05:07 schreef Huang Ying:

[...]
+static void resource_test_insert_resource(struct kunit *test, struct resource *parent,
+ resource_size_t start, resource_size_t size,
+ const char *name, unsigned long flags)
+{
+ struct resource *res;
+
+ res = kzalloc(sizeof(*res), GFP_KERNEL);
+ KUNIT_ASSERT_NOT_NULL(test, res);
+
+ res->name = name;
+ res->start = start;
+ res->end = start + size - 1;
+ res->flags = flags;
+ if (insert_resource(parent, res)) {
+ kfree(res);
+ KUNIT_FAIL_AND_ABORT(test, "Fail to insert resource %pR\n", res);

Isn't this a user-after-free?

Good catch! Thanks for pointing this out. I should be more careful for
the error path.

I have to honest, it wasn't me who found this. It was Coverity.

+ }
+
+ kunit_add_action_or_reset(test, remove_free_resource, res);

This may cause use-after-free if failed to allocate memory for
add_action. Will fix this too.

+}

--
Best Regards,
Huang, Ying

Next message: Javier Carrasco: "Re: [PATCH v3 0/5] selftests: gitignore and clean target file additions"
Previous message: Christian Theune: "Re: Known and unfixed active data loss bug in MM + XFS with large folios since Dec 2021 (any kernel from 6.1 upwards)"
In reply to: Huang, Ying: "Re: [PATCH -v3 3/3] resource, kunit: Add test case for region_intersects()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]