staging: p9auth: prevent some oopses and memory leaks
Before all testcases, do: mknod /dev/caphash c 253 0 mknod /dev/capuse c 253 1 This patch does the following: 1. caphash write of > CAP_NODE_SIZE bytes overruns node_ptr->data (test: cat /etc/mime.types > /dev/caphash) 2. make sure we don't dereference a NULL cap_devices[0].head (test: cat serge@root@abab > /dev/capuse) 3. don't let strlen dereference a NULL target_user etc (test: echo ab > /dev/capuse) 4. Don't leak a bunch of memory in cap_write(). Note that technically node_ptr is not needed for the capuse write case. As a result I have a much more extensive patch splitting up cap_write(), but I thought a smaller patch that is easier to test and verify would be a better start. To test: cnt=0 while [ 1 ]; do echo /etc/mime.types > /dev/capuse if [ $((cnt%25)) -eq 0 ]; then head -2 /proc/meminfo fi cnt=$((cnt+1)) sleep 0.3 done Without this patch, it MemFree steadily drops. With the patch, it does not. I have *not* tested this driver (with or without these patches) with factotum or anything - only using the tests described above. Signed-off-by:Serge E. Hallyn <serue@us.ibm.com> Signed-off-by:
Loading
Please register or sign in to comment