* [PATCH] kobject: Fix kobject_set_name_vargs() @ 2010-03-11 20:50 Eric Dumazet 2010-03-12 4:15 ` Greg KH 0 siblings, 1 reply; 4+ messages in thread From: Eric Dumazet @ 2010-03-11 20:50 UTC (permalink / raw) To: Greg KH; +Cc: linux-kernel In case of kvasprintf() failure, we can leak old kobject name. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> --- diff --git a/lib/kobject.c b/lib/kobject.c index 8115eb1..1247c57 100644 --- a/lib/kobject.c +++ b/lib/kobject.c @@ -222,8 +222,10 @@ int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, return 0; kobj->name = kvasprintf(GFP_KERNEL, fmt, vargs); - if (!kobj->name) + if (!kobj->name) { + kobj->name = old_name; return -ENOMEM; + } /* ewww... some of these buggers have '/' in the name ... */ while ((s = strchr(kobj->name, '/'))) ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] kobject: Fix kobject_set_name_vargs() 2010-03-11 20:50 [PATCH] kobject: Fix kobject_set_name_vargs() Eric Dumazet @ 2010-03-12 4:15 ` Greg KH 2010-03-12 4:39 ` Kay Sievers 0 siblings, 1 reply; 4+ messages in thread From: Greg KH @ 2010-03-12 4:15 UTC (permalink / raw) To: Eric Dumazet, Kay Sievers; +Cc: linux-kernel On Thu, Mar 11, 2010 at 09:50:52PM +0100, Eric Dumazet wrote: > In case of kvasprintf() failure, we can leak old kobject name. > > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> > --- > diff --git a/lib/kobject.c b/lib/kobject.c > index 8115eb1..1247c57 100644 > --- a/lib/kobject.c > +++ b/lib/kobject.c > @@ -222,8 +222,10 @@ int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, > return 0; > > kobj->name = kvasprintf(GFP_KERNEL, fmt, vargs); > - if (!kobj->name) > + if (!kobj->name) { > + kobj->name = old_name; > return -ENOMEM; > + } Are you sure? I think we've been over this very thing many times in the past... Kay, I can't recall the issue here, can you? thanks, greg k-h ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] kobject: Fix kobject_set_name_vargs() 2010-03-12 4:15 ` Greg KH @ 2010-03-12 4:39 ` Kay Sievers 2010-03-12 4:46 ` Kay Sievers 0 siblings, 1 reply; 4+ messages in thread From: Kay Sievers @ 2010-03-12 4:39 UTC (permalink / raw) To: Greg KH; +Cc: Eric Dumazet, linux-kernel On Fri, Mar 12, 2010 at 05:15, Greg KH <greg@kroah.com> wrote: > On Thu, Mar 11, 2010 at 09:50:52PM +0100, Eric Dumazet wrote: >> In case of kvasprintf() failure, we can leak old kobject name. >> >> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> >> --- >> diff --git a/lib/kobject.c b/lib/kobject.c >> index 8115eb1..1247c57 100644 >> --- a/lib/kobject.c >> +++ b/lib/kobject.c >> @@ -222,8 +222,10 @@ int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, >> return 0; >> >> kobj->name = kvasprintf(GFP_KERNEL, fmt, vargs); >> - if (!kobj->name) >> + if (!kobj->name) { >> + kobj->name = old_name; >> return -ENOMEM; >> + } > > Are you sure? I think we've been over this very thing many times in the > past... > > Kay, I can't recall the issue here, can you? I think we just lost attention to it, and never made a final decision. There have been some issues, I also don't really remember. I myself have an unsubmitted patch for this problem here since 9 months: http://git.kernel.org/?p=linux/kernel/git/kay/patches.git;a=blob;f=kobj-leak.patch;hb=HEAD Seems, we should start thinking about the problem again. And if we decide to do nothing at least add a comment why we don't. :) Thanks, Kay ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] kobject: Fix kobject_set_name_vargs() 2010-03-12 4:39 ` Kay Sievers @ 2010-03-12 4:46 ` Kay Sievers 0 siblings, 0 replies; 4+ messages in thread From: Kay Sievers @ 2010-03-12 4:46 UTC (permalink / raw) To: Greg KH; +Cc: Eric Dumazet, linux-kernel On Fri, Mar 12, 2010 at 05:39, Kay Sievers <kay.sievers@vrfy.org> wrote: > On Fri, Mar 12, 2010 at 05:15, Greg KH <greg@kroah.com> wrote: >> On Thu, Mar 11, 2010 at 09:50:52PM +0100, Eric Dumazet wrote: >>> In case of kvasprintf() failure, we can leak old kobject name. >>> >>> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> >>> --- >>> diff --git a/lib/kobject.c b/lib/kobject.c >>> index 8115eb1..1247c57 100644 >>> --- a/lib/kobject.c >>> +++ b/lib/kobject.c >>> @@ -222,8 +222,10 @@ int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, >>> return 0; >>> >>> kobj->name = kvasprintf(GFP_KERNEL, fmt, vargs); >>> - if (!kobj->name) >>> + if (!kobj->name) { >>> + kobj->name = old_name; >>> return -ENOMEM; >>> + } >> >> Are you sure? I think we've been over this very thing many times in the >> past... >> >> Kay, I can't recall the issue here, can you? > > I think we just lost attention to it, and never made a final decision. > There have been some issues, I also don't really remember. > > I myself have an unsubmitted patch for this problem here since 9 months: > http://git.kernel.org/?p=linux/kernel/git/kay/patches.git;a=blob;f=kobj-leak.patch;hb=HEAD > > Seems, we should start thinking about the problem again. And if we > decide to do nothing at least add a comment why we don't. :) Found the old discussion, which ended in no action: http://lkml.org/lkml/2009/6/27/160 It was about simplifying the logic and not to allow to set a kobject name several times in a row. Sounds good to me to try that, and raise a BUG if the name is set a second time. If we don't support that, all can be simplified, and the original issue, that has come up again now, will be gone with that. Thanks, Kay ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-03-12 4:46 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2010-03-11 20:50 [PATCH] kobject: Fix kobject_set_name_vargs() Eric Dumazet 2010-03-12 4:15 ` Greg KH 2010-03-12 4:39 ` Kay Sievers 2010-03-12 4:46 ` Kay Sievers
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox