Received: by 2002:a25:b323:0:0:0:0:0 with SMTP id l35csp1551808ybj; Fri, 20 Sep 2019 12:19:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqytTERtCYkNPZ5Y0BWZoKDUGydvj8jT6KoNiOHKGk9qJ/AzV/D09qXE3t9TxPkY09Yq3aoC X-Received: by 2002:a50:e718:: with SMTP id a24mr23891113edn.289.1569007144742; Fri, 20 Sep 2019 12:19:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569007144; cv=none; d=google.com; s=arc-20160816; b=P6iTn81BftXHPkqMM7P3iVxkla7T/mPffOEFsjCH3joal2vQ2j/Nm/ihHupWwo+6pL KbCdnGwJRMgfVNsThPYKtqv+eJ3BA45MvwTqf3V03m22qta6qhGJIEQ3qtKT8sXfywSh nV4hRmjLGg96O+MDV0Yy4rVLtr/BO2mZ6rbdfaGxDQz/p2HjBj/ae5lK0sDjZfa4RiI4 H9NaLkcyVdy2SAdGZ2+zHZiSTEYOJG4ertK3w0KYaQqNIyT3StbXTf1cHw6Pa6jSEDte 5GP7d1n1U2CyodOoeIzHHGnW44T1ulfMJ92t4PdB8u8oiEWnuHEtRCGXxzYOwhBG6gIt ZOWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:references:cc:to :subject; bh=BKMnpQtUjfRiR95ulrmG74IsJl1A8uZrbtZIAqnEeDg=; b=n+M2wEO6MmpbMuvILP9b7N2JKiG+yN/evPxuf19XZiMtAHniFqcO5YhjcZVd0svbka kUzIhYChBl862ErshfBJg8LXk6R+2dNvyXi65yDWs2G3KzLST1bR3logIe/qavDiw7bG hXP9pjQvlhEEd83BcY2QRu79AQ0P+M0BwEikS2nQihKa2WpuZG2pgyvqHwLZKfrGNWmQ z9CQRuqK9hgOKLABP+50lJdBFXifP0h9Tw0B5vtfXAxYwPlS70rFtXPp+np0vxmZ166u R3tEGG032iLHkIq0y72C23kRz5UHvCBoQkA4NEyHVeAUTXgYe4jUvSfabs41P6edYJ6o Lxrw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id pw28si1016462ejb.43.2019.09.20.12.18.41; Fri, 20 Sep 2019 12:19:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2408964AbfITMWE (ORCPT + 99 others); Fri, 20 Sep 2019 08:22:04 -0400 Received: from szxga06-in.huawei.com ([45.249.212.32]:43764 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2406276AbfITMWE (ORCPT ); Fri, 20 Sep 2019 08:22:04 -0400 Received: from DGGEMS405-HUB.china.huawei.com (unknown [172.30.72.60]) by Forcepoint Email with ESMTP id 9B838EC4FBE89CAAA15E; Fri, 20 Sep 2019 20:22:02 +0800 (CST) Received: from [127.0.0.1] (10.57.88.168) by DGGEMS405-HUB.china.huawei.com (10.3.19.205) with Microsoft SMTP Server id 14.3.439.0; Fri, 20 Sep 2019 20:21:54 +0800 Subject: Re: [PATCH] jffs2:freely allocate memory when parameters are invalid To: Al Viro CC: , , , , , , , References: <1568962478-126260-1-git-send-email-nixiaoming@huawei.com> <20190920114336.GM1131@ZenIV.linux.org.uk> From: Xiaoming Ni Message-ID: <206f8d57-dad9-26c3-6bf6-1d000f5698d4@huawei.com> Date: Fri, 20 Sep 2019 20:21:53 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <20190920114336.GM1131@ZenIV.linux.org.uk> Content-Type: text/plain; charset="gbk" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.57.88.168] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2019/9/20 19:43, Al Viro wrote: > On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote: >> Use kzalloc() to allocate memory in jffs2_fill_super(). >> Freeing memory when jffs2_parse_options() fails will cause >> use-after-free and double-free in jffs2_kill_sb() > > ... so we are not freeing it there. What's the problem? No code logic issues, no memory leaks But there is too much code logic between memory allocation and free, which is difficult to understand. The modified code is easier to understand. thanks Xiaoming Ni