[PATCH] separate routine to check jffs2_flash_read
Thomas Gleixner
tglx at linutronix.de
Sun Nov 13 15:36:07 EST 2005
On Fri, 2005-11-11 at 13:25 +0100, Pierre.Ricadat at UTBM.fr wrote:
> Quoting Jörn Engel <joern at wohnheim.fh-wedel.de>:
> > > Here is the new patch for current cvs.
> >
> > Unfortunately in DOS format (0x13,0x10 line breaks). Can you respin
> > it into Unix format?
>
> Oops. Sorry. This is the good one.

Good? As long as we restrict the view to the file format.

The patch introduces:
- memory leaks
- use after free
- kfree of pointers pointing to a variable on the stack

Have a close look at all callers of this function.

In general, hiding kfree(var) in the error path of a global function,
whose purpose is to read data from flash and handle the error conditions
in terms of messages and return value, is a secure source for the above
problems.

When neither the author himself nor a reviewer recognizes the hidden
trouble, how is an innocent user supposed not to trap into this?

Unfortunately the patch was applied already. Fixed in CVS.

BTW, can we please start to add DocBook comments to new functions or to
functions which are reworked? That way the documentation of the global
functions might be reality some day.

tglx
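
The ownership rule argued for in the message above, as an added example that is not part of the original mail and is not JFFS2 code: a userspace model in which the read-and-check helper only reports and returns, and each caller releases its own buffer. All names (flash_read_checked, read_heap, read_stack, buf_alloc, buf_free) and the sample data are assumptions made for illustration.

```c
/* Added example: userspace model; every name is hypothetical, not JFFS2 code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const unsigned char flash[32] = "constructed sample flash data"; /* constructed */
static int live_allocs; /* buffers allocated and not yet released */

static void *buf_alloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void buf_free(void *p) { if (p) { live_allocs--; free(p); } }
static int allocs_outstanding(void) { return live_allocs; }

/* Read, check, report. The helper never frees buf: it cannot know whether
 * the caller passed heap memory, a stack variable, or part of a larger object. */
static int flash_read_checked(size_t ofs, size_t len, void *buf)
{
    if (ofs > sizeof(flash) || len > sizeof(flash) - ofs) {
        fprintf(stderr, "read error at 0x%zx, len %zu\n", ofs, len);
        return -EIO;
    }
    memcpy(buf, flash + ofs, len);
    return 0;
}

/* Heap caller: allocation and the single release live in the same function. */
static int read_heap(size_t ofs, size_t len)
{
    unsigned char *buf = buf_alloc(len ? len : 1);
    int ret;

    if (!buf)
        return -ENOMEM;
    ret = flash_read_checked(ofs, len, buf);
    buf_free(buf); /* exactly one release, on success and on failure */
    return ret;
}

/* Stack caller: safe only because the helper does not free on error. */
static int read_stack(size_t ofs)
{
    unsigned char hdr[8];

    return flash_read_checked(ofs, sizeof(hdr), hdr);
}

int main(void) { return (read_heap(0, 8) || read_heap(30, 8) != -EIO || read_stack(28) != -EIO || allocs_outstanding()) ? 1 : 0; }
```
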