[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LABEL)
The following reply was made to PR kern/44207; it has been noted by GNATS.
From: Greg Oster <oster%cs.usask.ca@localhost>
To: Wolfgang Stukenbrock <Wolfgang.Stukenbrock%nagler-company.com@localhost>
Cc: gnats-bugs%NetBSD.org@localhost, kern-bug-people%NetBSD.org@localhost,
Subject: Re: kern/44207: memory-leak in
Date: Wed, 8 Dec 2010 12:02:17 -0600
On Wed, 08 Dec 2010 18:37:16 +0100
Wolfgang Stukenbrock <Wolfgang.Stukenbrock%nagler-company.com@localhost> wrote:
> if RF_Malloc() may never fail, there are lots of useless checks for
> NULL of the allocated memory in this file ...
> Perhaps you should have a look at them too.
heh.. I wonder why I never noticed that years ago when I did the
big memory allocation changes... There's lots of those checks that can
get ripped out.... (and some of them propagate to further useless
checks.. :-/ ) =20
Thanks for finding these...
> Christos Zoulas wrote:
> > The following reply was made to PR kern/44207; it has been noted by
> > GNATS.
> > From: christos%zoulas.com@localhost (Christos Zoulas)
> > To: gnats-bugs%NetBSD.org@localhost,
> > kern-bug-people%netbsd.org@localhost,=20
> > gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
> > Cc:=20
> > Subject: Re: kern/44207: memory-leak in
> > raid-ioctl(RAIDFRAME_GET_COMPONENT_LABEL) Date: Wed, 8 Dec 2010
> > 11:10:47 -0500
> > On Dec 8, 3:15pm, Wolfgang.Stukenbrock%nagler-company.com@localhost
> > (Wolfgang.Stukenbrock%nagler-company.com@localhost) wrote: -- Subject:
> > kern/44207: memory-leak in raid-ioctl(RAIDFRAME_GET_COMPONENT_LAB=20
> > | While adding support for parity-maps handling the ioctl
> > code for RAIDFRAME_GET_COMPONENT_LABEL | has been changed.
> > | Accedently the memory allocated for the copyin is
> > neither checked for an allocation error | anymore, nor the
> > memory is freed on copyin() error or bad values in the just copied
> > in parameter. There cannot be a memory allocation error because
> > RF_Malloc does always WAITOK allocations.
> > |=20
> > | Another problem during attach of the raidframe driver
> > is, that the number of available | raid devices is not
> > reset to 0 if no memory for the softc structures can be allocated.
> > | This of cause will be a very rare situation, but if it
> > happens access to not-allocated | memory may happen. (Found
> > by checking all RF_Malloc()'s in this file ...) | >How-To-Repeat: |
> > Found by a look into the sources. | You may trigger
> > it by passing bad values in the parameter for the
> > component-label-column. | >Fix: | The following fix will
> > remove both problems.=20
> > Thanks.
> > =20
> > christos
> > =20
> Dr. Nagler & Company GmbH
> Hauptstra=DFe 9
> 92253 Schnaittenbach
> Tel. +49 9622/71 97-42
> Fax +49 9622/71 97-50
> Hauptsitz: Schnaittenbach
> Handelregister: Amberg HRB
> Gerichtsstand: Amberg
> Steuernummer: 201/118/51825
> USt.-ID-Nummer: DE 273143997
> Gesch=E4ftsf=FChrer: Dr. Martin Nagler, Dr. Dr. Karl-Kuno Kunze
Main Index |
Thread Index |