From: Kamil Duljas
Date: Sat, 18 Nov 2023 14:27:56 +0100
Subject: Re: [PATCH] genetlink: Prevent memory leak when krealloc fail
To: Florian Westphal
Cc: Jakub Kicinski, "David S. Miller", Eric Dumazet, Paolo Abeni, Jiri Pirko, Johannes Berg, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20231118113357.1999-1-kamil.duljas@gmail.com> <20231118120235.GA30289@breakpoint.cc>
In-Reply-To: <20231118120235.GA30289@breakpoint.cc>

Yes, you're right. I did not think about it.
So if we have a static pointer that may be reused, shouldn't we restore the pointer as at the beginning?

static unsigned long *mc_groups = &mc_group_start;

At this moment we don't know how much memory is allocated.

What do you think about this?

>                 new_groups = krealloc(mc_groups, nlen,
>                                       GFP_KERNEL);
> -               if (!new_groups)
> +               if (!new_groups) {
> +                       kfree(mc_groups);
> +                       mc_groups = &mc_group_start;
>                         return -ENOMEM;
> +               }

On Sat, 18 Nov 2023 at 13:02, Florian Westphal wrote:
>
> Kamil Duljas wrote:
> > genl_allocate_reserve_groups() allocates new memory in a while loop,
> > but if krealloc fails, the memory allocated by kzalloc is not freed.
> > It seems the allocated memory is unnecessary when the function
> > returns -ENOMEM.
>
> Why should it be freed? mc_groups is not a local variable.
>
> >                 new_groups = krealloc(mc_groups, nlen,
> >                                       GFP_KERNEL);
> > -               if (!new_groups)
> > +               if (!new_groups) {
> > +                       kfree(mc_groups);
> >                         return -ENOMEM;
> > +               }
>
> How did you test this? AFAICS this results in use-after-free for every
> access to mc_groups after this error path is taken.
>
> Existing code looks correct, we can't grow mc_groups and return an
> error.
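Review bot: the revised hunk (the one adding `+ kfree(mc_groups);` and `+ mc_groups = &mc_group_start;`) still mishandles the krealloc() failure path. krealloc() leaves the original block valid when it returns NULL, so `mc_groups` at that point holds the live bitmap of every group reserved so far; freeing it and pointing the global back at the one-word static `mc_group_start` discards those reservations while the caller only learns that this one reservation got -ENOMEM. The change Florian's reply points to is to leave `mc_groups` untouched and keep the existing `if (!new_groups) return -ENOMEM;`.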
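Review bot: in the original hunk quoted in Florian's reply, `+ kfree(mc_groups);` frees a block that the global `mc_groups` still points to, and nothing clears or replaces the pointer before `return -ENOMEM`, so every later access through `mc_groups` is a use-after-free, as Florian states. There is also no leak for the patch to fix: krealloc() does not free its argument on failure, and the block stays reachable through the global. The hunk should be dropped, and the commit message should not claim memory is leaked on this path.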
-- 
Regards,
Kamil Duljas
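The failure path the thread is arguing about, as an added example that is not the kernel's code: a user-space model of growing the mc_groups bitmap in which a failed realloc() (standing in for krealloc(), which likewise leaves the old block intact) just returns the error and leaves the global pointer and size alone, so no reserved group is lost and no dangling pointer is left behind. mc_group_start and mc_groups are the names from the thread; mc_groups_longs, xrealloc(), the fault-injection flag and the separate first-growth branch (modelling the kzalloc path the commit message mentions) are assumptions.

```c
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)

/* Constructed user-space model of the mc_groups bitmap (not kernel code): the
 * first word is static, further words are heap allocated. mc_group_start and
 * mc_groups are the names from the thread; mc_groups_longs is assumed. */
static unsigned long mc_group_start = 0x3UL;   /* groups 0 and 1 reserved */
static unsigned long *mc_groups = &mc_group_start;
static size_t mc_groups_longs = 1;
/* Fault injection for the test: when non-zero, the next realloc() fails. */
static int fail_next_realloc;

static void *xrealloc(void *p, size_t n)
{
	if (fail_next_realloc) {
		fail_next_realloc = 0;
		return NULL;   /* like krealloc(): the old block stays valid */
	}
	return realloc(p, n);
}

/* Grow the bitmap to hold at least `groups` bits; 0 on success, -1 on ENOMEM.
 * On failure the old bitmap and its size are left as they were: the global
 * still points at that block, so freeing it would leave a dangling pointer. */
static int mc_groups_grow(size_t groups)
{
	size_t nlongs = (groups + BITS_PER_LONG - 1) / BITS_PER_LONG;
	unsigned long *new_groups;
	if (nlongs <= mc_groups_longs)
		return 0;
	if (mc_groups == &mc_group_start) {  /* first growth: zeroed block + copy */
		new_groups = calloc(nlongs, sizeof(*new_groups));
		if (!new_groups)
			return -1;
		new_groups[0] = mc_group_start;
	} else {
		new_groups = xrealloc(mc_groups, nlongs * sizeof(*new_groups));
		if (!new_groups)
			return -1;   /* mc_groups and mc_groups_longs untouched */
		memset(new_groups + mc_groups_longs, 0,
		       (nlongs - mc_groups_longs) * sizeof(*new_groups));
	}
	mc_groups = new_groups;
	mc_groups_longs = nlongs;
	return 0;
}
```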