答复: 答复: 答复: [PATCH] nvme: fix memleak in nvme_ctrl_dhchap_secret_store()

public inbox for linux-nvme@lists.infradead.org
 help / color / mirror / Atom feed

From: zhangqilong <zhangqilong3@huawei.com>
To: Sagi Grimberg <sagi@grimberg.me>, "hare@suse.de" <hare@suse.de>,
	"kbusch@kernel.org" <kbusch@kernel.org>,
	"axboe@fb.com" <axboe@fb.com>, "hch@lst.de" <hch@lst.de>
Cc: "linux-nvme@lists.infradead.org" <linux-nvme@lists.infradead.org>
Subject: 答复: 答复: 答复: [PATCH] nvme: fix memleak in nvme_ctrl_dhchap_secret_store()
Date: Mon, 21 Nov 2022 15:09:57 +0000	[thread overview]
Message-ID: <60ca79176d924b40b646fd1c9d2c3227@huawei.com> (raw)
In-Reply-To: <e86daef2-dcfc-5918-b718-a6f1d3c6cf9b@grimberg.me>

> On 11/21/22 13:54, zhangqilong wrote:
> >>>>>     drivers/nvme/host/core.c | 7 +++++--
> >>>>>     1 file changed, 5 insertions(+), 2 deletions(-)
> >>>>>
> >>>>> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
> >>>>> index da55ce45ac70..e06d1b3961fe 100644
> >>>>> --- a/drivers/nvme/host/core.c
> >>>>> +++ b/drivers/nvme/host/core.c
> >>>>> @@ -3748,13 +3748,16 @@ static ssize_t
> >>>> nvme_ctrl_dhchap_secret_store(struct device *dev,
> >>>>>     		int ret;
> >>>>>
> >>>>>     		ret = nvme_auth_generate_key(dhchap_secret,
> &ctrl-
> >> host_key);
> >>>>> -		if (ret)
> >>>>> +		if (ret) {
> >>>>> +			kfree(dhchap_secret);
> >>>>>     			return ret;
> >>>>> +		}
> >>>>>     		kfree(opts->dhchap_secret);
> >>>>>     		opts->dhchap_secret = dhchap_secret;
> >>>>>     		/* Key has changed; re-authentication with new key
> */
> >>>>>     		nvme_auth_reset(ctrl);
> >>>>> -	}
> >>>>> +	} else
> >>>>> +		kfree(dhchap_secret);
> >>
> >> Perhaps lets change the check above to strncmp directly against buf
> >> and allocate inside the clause.
> >>
> >
> > Good suggestion and I have updated fixes like:
> >
> > --- a/drivers/nvme/host/core.c
> > +++ b/drivers/nvme/host/core.c
> > @@ -3730,7 +3730,6 @@ static ssize_t
> nvme_ctrl_dhchap_secret_store(struct device *dev,
> >   {
> >          struct nvme_ctrl *ctrl = dev_get_drvdata(dev);
> >          struct nvmf_ctrl_options *opts = ctrl->opts;
> > -       char *dhchap_secret;
> >
> >          if (!ctrl->opts->dhchap_secret)
> >                  return -EINVAL;
> > @@ -3739,17 +3738,20 @@ static ssize_t
> nvme_ctrl_dhchap_secret_store(struct device *dev,
> >          if (memcmp(buf, "DHHC-1:", 7))
> >                  return -EINVAL;
> >
> > -       dhchap_secret = kzalloc(count + 1, GFP_KERNEL);
> > -       if (!dhchap_secret)
> > -               return -ENOMEM;
> > -       memcpy(dhchap_secret, buf, count);
> >          nvme_auth_stop(ctrl);
> > -       if (strcmp(dhchap_secret, opts->dhchap_secret)) {
> > +       if (strncmp(buf, opts->dhchap_secret, count)) {
> >                  int ret;
> > +               char *dhchap_secret;
> >
> > +               dhchap_secret = kzalloc(count + 1, GFP_KERNEL);
> > +               if (!dhchap_secret)
> > +                       return -ENOMEM;
> > +               memcpy(dhchap_secret, buf, count);
> 
> Maybe kmemdup instead?

OK, It looks good. I will update in version v2.

Thanks.
> 
> >                  ret = nvme_auth_generate_key(dhchap_secret, &ctrl->host_key);
> > -               if (ret)
> > +               if (ret) {
> > +                       kfree(dhchap_secret);
> >                          return ret;
> > +               }
> >                  kfree(opts->dhchap_secret);
> >
> > Do you think is it that ok?
> >

     prev parent reply	other threads:[~2022-11-21 15:24 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-21  6:21 [PATCH] nvme: fix memleak in nvme_ctrl_dhchap_secret_store() Zhang Qilong
2022-11-21  9:51 ` Sagi Grimberg
2022-11-21 11:33   ` 答复: " zhangqilong
2022-11-21 11:39     ` Sagi Grimberg
2022-11-21 11:54       ` 答复: " zhangqilong
2022-11-21 14:23         ` Sagi Grimberg
2022-11-21 15:09           ` zhangqilong [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=60ca79176d924b40b646fd1c9d2c3227@huawei.com \
    --to=zhangqilong3@huawei.com \
    --cc=axboe@fb.com \
    --cc=hare@suse.de \
    --cc=hch@lst.de \
    --cc=kbusch@kernel.org \
    --cc=linux-nvme@lists.infradead.org \
    --cc=sagi@grimberg.me \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox