NetBSD-Bugs archive


Re: kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LABEL)



The following reply was made to PR kern/44207; it has been noted by GNATS.

From: Wolfgang Stukenbrock <Wolfgang.Stukenbrock%nagler-company.com@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: kern-bug-people%NetBSD.org@localhost, gnats-admin%NetBSD.org@localhost, 
netbsd-bugs%NetBSD.org@localhost,
        Wolfgang.Stukenbrock%nagler-company.com@localhost
Subject: Re: kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LABEL)
Date: Wed, 08 Dec 2010 18:37:16 +0100

 Hi,
 
 if RF_Malloc() may never fail, there are lots of useless checks for NULL 
 of the allocated memory in this file ...
 Perhaps you should have a look at them too.
 
 W. Stukenbrock
 
 Christos Zoulas wrote:
 
 > The following reply was made to PR kern/44207; it has been noted by GNATS.
 > 
 > From: christos%zoulas.com@localhost (Christos Zoulas)
 > To: gnats-bugs%NetBSD.org@localhost, kern-bug-people%netbsd.org@localhost, 
 >      gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
 > Cc: 
 > Subject: Re: kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LABEL)
 > Date: Wed, 8 Dec 2010 11:10:47 -0500
 > 
 >  On Dec 8,  3:15pm, Wolfgang.Stukenbrock%nagler-company.com@localhost (Wolfgang.Stukenbrock%nagler-company.com@localhost) wrote:
 >  -- Subject: kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LAB
 >  
 >  |   While adding support for parity-maps handling the ioctl code for RAIDFRAME_GET_COMPONENT_LABEL
 >  |   has been changed.
 >  |   Accidentally the memory allocated for the copyin is neither checked for an allocation error
 >  |   anymore, nor the memory is freed on copyin() error or bad values in the just copied in parameter.
 >  
 >  There cannot be a memory allocation error because RF_Malloc does always WAITOK
 >  allocations.
 >  | 
 >  |   Another problem during attach of the raidframe driver is, that the number of available
 >  |   raid devices is not reset to 0 if no memory for the softc structures can be allocated.
 >  |   This of course will be a very rare situation, but if it happens access to not-allocated
 >  |   memory may happen. (Found by checking all RF_Malloc()'s in this file ...)
 >  | >How-To-Repeat:
 >  |   Found by a look into the sources.
 >  |   You may trigger it by passing bad values in the parameter for the component-label-column.
 >  | >Fix:
 >  |   The following fix will remove both problems.
 >  
 >  Thanks.
 >  
 >  christos
 >  
 > 
 
 
 -- 
 
 
 Dr. Nagler & Company GmbH
 Hauptstraße 9
 92253 Schnaittenbach
 
 Tel. +49 9622/71 97-42
 Fax +49 9622/71 97-50
 
 Wolfgang.Stukenbrock%nagler-company.com@localhost
 http://www.nagler-company.com
 
 
 Headquarters: Schnaittenbach
 Commercial register: Amberg HRB
 Place of jurisdiction: Amberg
 Tax number: 201/118/51825
 VAT ID number: DE 273143997
 Managing directors: Dr. Martin Nagler, Dr. Dr. Karl-Kuno Kunze
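
The leak described in the quoted report (a buffer allocated for copyin() that is not freed when copyin() fails or the copied-in column value is rejected), modelled in user-space C as an added example that is not part of the original messages or the NetBSD source. All names (`model_copyin`, `get_label_leaky`, `get_label_fixed`, `NUM_COLUMNS`, the `label_req` layout) are hypothetical stand-ins, and the allocator is assumed never to fail, like a WAITOK allocation.

```c
/* User-space model of the leak pattern in this thread. Added example, not
 * NetBSD source; every name below is a hypothetical stand-in. */
#include <errno.h>
#include <stdlib.h>
#include <string.h>

struct label_req { int column; char payload[56]; };  /* constructed layout */
#define NUM_COLUMNS 4                /* assumed number of components */
static int live_allocs;              /* outstanding buffers, to observe leaks */

static void *model_alloc(size_t n) { live_allocs++; return calloc(1, n); }
static void model_free(void *p) { live_allocs--; free(p); }

/* Stand-in for copyin(): a NULL user pointer models a faulting address. */
static int model_copyin(const void *uaddr, void *kaddr, size_t len) {
    if (uaddr == NULL) return EFAULT;
    memcpy(kaddr, uaddr, len);
    return 0;
}

/* Leaky shape: both early returns drop the buffer. */
static int get_label_leaky(const struct label_req *ureq) {
    struct label_req *req = model_alloc(sizeof(*req));
    int error = model_copyin(ureq, req, sizeof(*req));
    if (error) return error;                                /* leak */
    if (req->column < 0 || req->column >= NUM_COLUMNS)
        return EINVAL;                                      /* leak */
    model_free(req);
    return 0;
}

/* Fixed shape: every exit passes through one cleanup label. */
static int get_label_fixed(const struct label_req *ureq) {
    struct label_req *req = model_alloc(sizeof(*req));
    int error = model_copyin(ureq, req, sizeof(*req));
    if (error) goto out;
    if (req->column < 0 || req->column >= NUM_COLUMNS) error = EINVAL;
out:
    model_free(req);
    return error;
}

/* Number of buffers still outstanding after one call to fn. */
static int leaked_after(int (*fn)(const struct label_req *), const struct label_req *r) {
    int before = live_allocs;
    (void)fn(r);
    return live_allocs - before;
}

int main(void) { struct label_req bad = { .column = 99 }; return leaked_after(get_label_fixed, &bad); }
```

Because the bad column value comes from the caller, each rejected request in the leaky shape strands one buffer, which is why the report treats it as repeatable rather than a one-off.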
 
 

