ACK/Cmnt: [FOCAL][CVE-2019-19054][PATCH] media: rc: prevent memory leak in cx23888_ir_probe

Stefan Bader stefan.bader at canonical.com
Thu Aug 20 14:08:45 UTC 2020 

On 19.08.20 05:29, Kelsey Skunberg wrote:
> On 2020-08-14 09:34:49 , Stefan Bader wrote:
>> On 12.08.20 19:51, William Breathitt Gray wrote:
>>> From: Navid Emamdoost <navid.emamdoost at gmail.com>
>>>
>>> In cx23888_ir_probe if kfifo_alloc fails the allocated memory for state
>>> should be released.
>>>
>>> Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
>>> Signed-off-by: Sean Young <sean at mess.org>
>>> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung at kernel.org>
>>>
>>> CVE-2019-19054
>>>
>>> (cherry picked from a7b2df76b42bdd026e3106cf2ba97db41345a177)
>>> Signed-off-by: William Breathitt Gray <william.gray at canonical.com>
>> Acked-by: Stefan Bader <stefan.bader at canonical.com>
>>> ---
>>
>> As Thadeu already said, normally it is better to hold back submitting something
>> until all series which potentially need this have been prepared. And as soon as
>> that means separate patches combine those under a cover email which refers to
>> all series in the subject.
>>
>> The reasoning there is that when you glance over things in a threaded view, one
>> normally only sees the cover subject. And in cases where something quickly needs
>> to go in there might be chances to be missed.
>>
>> In this case it looks like it ended up being a cherry pick for all series. In
>> that case waiting would have saved a lot of time because you would only have to
>> submit one patch without cover email and people only have to look at one thing.
>>
>> For future reference.
>>
> 
> Hi Stefan, 
> 
> To avoid any assumptions, is this ACK for F/X/B or only Focal?

Yes, it was. Normally acking the first mail in a thread would be to cover
anything below. But you are right, in this case it is a bit confusing.

-Stefan

> 
> -Kelsey
> 
>>>  drivers/media/pci/cx23885/cx23888-ir.c | 5 ++++-
>>>  1 file changed, 4 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/media/pci/cx23885/cx23888-ir.c b/drivers/media/pci/cx23885/cx23888-ir.c
>>> index e880afe37f15..d59ca3601785 100644
>>> --- a/drivers/media/pci/cx23885/cx23888-ir.c
>>> +++ b/drivers/media/pci/cx23885/cx23888-ir.c
>>> @@ -1167,8 +1167,11 @@ int cx23888_ir_probe(struct cx23885_dev *dev)
>>>  		return -ENOMEM;
>>>  
>>>  	spin_lock_init(&state->rx_kfifo_lock);
>>> -	if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE, GFP_KERNEL))
>>> +	if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE,
>>> +			GFP_KERNEL)) {
>>> +		kfree(state);
>>>  		return -ENOMEM;
>>> +	}
>>>  
>>>  	state->dev = dev;
>>>  	sd = &state->sd;
>>>
>>
>>
> 
> 
> 
> 
>> -- 
>> kernel-team mailing list
>> kernel-team at lists.ubuntu.com
>> https://lists.ubuntu.com/mailman/listinfo/kernel-team
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20200820/4ee31f28/attachment.sig>

More information about the kernel-team mailing list