Your message dated Fri, 31 May 2019 16:03:39 +0000
with message-id <[email protected]>
and subject line Bug#929316: fixed in acpi-call 1.1.0-5
has caused the Debian Bug report #929316,
regarding dkms driver acpi-call can leak memory
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
929316: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929316
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: acpi-call
Version: 1.1.0-4
Static analysis with Coverity has picked up a memory leak in the
acpi-call dkms driver.
In function acpi_proc_write() the call to parse_acpi_args() can return
allocated buffers as pointed to by args even when the function returns
null. Hence the kfree of args buffers needs to be done if args is not
null no matter if method is null or not-null.
Attached is a proposed fixed to go into debian/patches.
Regards,
Colin
Description: Fix memory leak on args
parse_acpi_args can may have allocated args even when method is null
Author: Colin Ian King <[email protected]>
Origin: vendor, https://bugs.launchpad.net/ubuntu/+source/acpi-call/+bug/1829883
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/acpi-call/+bug/1829883
Last-Update: 2019-05-21
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
Index: acpi-call-1.1.0/acpi_call.c
===================================================================
--- acpi-call-1.1.0.orig/acpi_call.c
+++ acpi-call-1.1.0/acpi_call.c
@@ -282,14 +282,15 @@ static int acpi_proc_write( struct file
input[len-1] = '\0';
method = parse_acpi_args(input, &nargs, &args);
- if (method) {
+ if (method)
do_acpi_call(method, nargs, args);
- if (args) {
- for (i=0; i<nargs; i++)
- if (args[i].type == ACPI_TYPE_BUFFER)
- kfree(args[i].buffer.pointer);
- kfree(args);
+
+ if (args) {
+ for (i=0; i<nargs; i++) {
+ if (args[i].type == ACPI_TYPE_BUFFER)
+ kfree(args[i].buffer.pointer);
}
+ kfree(args);
}
return len;
--- End Message ---
--- Begin Message ---
Source: acpi-call
Source-Version: 1.1.0-5
We believe that the bug you reported is fixed in the latest version of
acpi-call, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Raphaël Halimi <[email protected]> (supplier of updated acpi-call
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 31 May 2019 17:33:13 +0200
Source: acpi-call
Architecture: source
Version: 1.1.0-5
Distribution: unstable
Urgency: medium
Maintainer: Raphaël Halimi <[email protected]>
Changed-By: Raphaël Halimi <[email protected]>
Closes: 929316
Changes:
acpi-call (1.1.0-5) unstable; urgency=medium
.
* [302afec] Migrate project to Salsa
* [a412748] Use secure copyright file specification URI.
Thanks to Jelmer Vernooij
* [c633d47] Add patch to fix memory leak.
Thanks to Colin Ian King for the patch (Closes: #929316) (LP: #1829883)
* [8f5f753] Don't build module when ACPI is disabled.
Thanks to Seth Forshee, Thadeu Lima de Souza Cascardo, Michael Jeanson and
others for ideas and testing (LP: #1830040)
* [757be2b] Bump Standards-Version to 4.3.0
* [1e7e83a] Override lintian warning about missing test suite
Checksums-Sha1:
a14e5816f54d61f58a32e797f33ab6186c31a7f4 2001 acpi-call_1.1.0-5.dsc
4c1bbe752d13c93cc81f93eed5bbf0eb4d570644 3860 acpi-call_1.1.0-5.debian.tar.xz
a5482024f8a8bc98fd7347899a53d458b2d20f67 5656 acpi-call_1.1.0-5_amd64.buildinfo
Checksums-Sha256:
f0f7d9cd8497c7e3a22067513beccfdcd915207ceafcb463be06265fc0503322 2001
acpi-call_1.1.0-5.dsc
290b7cbf79d9488e57571cc7a5b7406bb0a05bbe65ef72605771197846bce7bf 3860
acpi-call_1.1.0-5.debian.tar.xz
6217c963a8b90d323e3179e3cfaac7be3d6a9725aa5c1943d7dd2120eb678f41 5656
acpi-call_1.1.0-5_amd64.buildinfo
Files:
314de3410f252985302f54785abbf187 2001 kernel optional acpi-call_1.1.0-5.dsc
34cd8e5add2d9fafb7e28a0f5fe07f08 3860 kernel optional
acpi-call_1.1.0-5.debian.tar.xz
19093a7e3f6ed0504275c4d57f5baa6d 5656 kernel optional
acpi-call_1.1.0-5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEb6lOxdKMjWi+eSrvTZn2ZgpZgnsFAlzxS6pfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDZG
QTk0RUM1RDI4QzhENjhCRTc5MkFFRjREOTlGNjY2MEE1OTgyN0IACgkQTZn2ZgpZ
gntT1w//VOxQXzNurdD1RfMWH/g8CnFB8iP2hoakDLwrvj5yOIIbdtEOjfiISM0k
F4sPsuxi33UxcTnZDxtHVAvEbTTeFHUwMVfAsMhHQCpOFmiFv/Dqi3X69D5lKcQI
XeeGvvnZZjL8/zaytlta9lJCqfXYu9iZI1/F8oi88M8mmiMeLbGzLuFEWIq23HI/
RlTiZCCw75rK6lZviDRQ7XCX7Q3hosrXind7UaYrS5nLPnmAds+kTCc7JOsdZvlQ
Sjt3+nodTPvu4vqG62fH08SSxL+7WFDJwN7wo+yOk0Ea5XKT+L8Jjs8VDqq/bFtA
4StFpnFwJrOV6WBQtxmAtL6dSOp41yXEUVRVjvQpwzkj3com79jRiqLeVdmKfYGe
bVXXbc7ihmzsbkuVJPNhx8261aGy1ABH3voJPYxLhEAosoCAwef6purXHIMqkwoD
jVxineH8CuIMIRuiTaXIMFBZyTw1YBowS2h7DECeMdUtDyZD9SpFCcZrydn1SJKF
qXcOQAuiHMX2uKY9bbmoJtKdCUY54OKZUMmQuwr/mA01TYRPSr761nN+Blrw8O62
TbFIsf0Es/XwBiVorfKBjwxQAIR5pF2m3VscLw06BNHz46a64I4lAqhN+qa39xc2
87fhM4NtB4yIelSEij3XBxeZxAEGdekzPY1nht2fDVxf/zj7cJU=
=yUAu
-----END PGP SIGNATURE-----
--- End Message ---
