Tao,
- Original Message -
> From: "Hou Tao"
> In Huawei we use jffs2 broadly in our products to support filesystem on raw
> NOR flash and NAND flash, so fixing the bugs in jffs2 means a lot to us.
>
> Although I have not read all of jffs2 code thoroughly, I had found and "fixed"
> some
Hi Richard,
On 2019/9/20 22:38, Richard Weinberger wrote:
> On Fri, Sep 20, 2019 at 4:14 PM Xiaoming Ni wrote:
>> I still think this is easier to understand:
>> Free the memory allocated by the current function in the failed branch
>
> Please note that jffs2 is in "odd fixes only" maintenance
On Fri, Sep 20, 2019 at 10:13:53PM +0800, Xiaoming Ni wrote:
> 1. drivers/mtd/mtdsuper.c
> mount_mtd_aux() {
>
> /* jffs2_sb_info is allocated in jffs2_fill_super, */
> ret = fill_super(sb, data, flags & SB_SILENT ? 1 : 0);
> if (ret < 0) {
> deactivate_locked_super(sb); /*
On Fri, Sep 20, 2019 at 4:14 PM Xiaoming Ni wrote:
> I still think this is easier to understand:
> Free the memory allocated by the current function in the failed branch
Please note that jffs2 is in "odd fixes only" maintenance mode.
Therefore patches like this cannot be processed.
On my never
On 2019/9/20 20:54, Al Viro wrote:
> On Fri, Sep 20, 2019 at 01:45:33PM +0100, Al Viro wrote:
>> On Fri, Sep 20, 2019 at 08:21:53PM +0800, Xiaoming Ni wrote:
>>>
>>>
>>> On 2019/9/20 19:43, Al Viro wrote:
On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote:
> Use kzalloc() to
On Fri, Sep 20, 2019 at 01:45:33PM +0100, Al Viro wrote:
> On Fri, Sep 20, 2019 at 08:21:53PM +0800, Xiaoming Ni wrote:
> >
> >
> > On 2019/9/20 19:43, Al Viro wrote:
> > > On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote:
> > >> Use kzalloc() to allocate memory in jffs2_fill_super().
On Fri, Sep 20, 2019 at 08:21:53PM +0800, Xiaoming Ni wrote:
>
>
> On 2019/9/20 19:43, Al Viro wrote:
> > On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote:
> >> Use kzalloc() to allocate memory in jffs2_fill_super().
> >> Freeing memory when jffs2_parse_options() fails will cause
> >>
On 2019/9/20 19:43, Al Viro wrote:
> On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote:
>> Use kzalloc() to allocate memory in jffs2_fill_super().
>> Freeing memory when jffs2_parse_options() fails will cause
>> use-after-free and double-free in jffs2_kill_sb()
>
> ... so we are not
On Fri, Sep 20, 2019 at 02:54:38PM +0800, Xiaoming Ni wrote:
> Use kzalloc() to allocate memory in jffs2_fill_super().
> Freeing memory when jffs2_parse_options() fails will cause
> use-after-free and double-free in jffs2_kill_sb()
... so we are not freeing it there. What's the problem?
Use kzalloc() to allocate memory in jffs2_fill_super().
Freeing memory when jffs2_parse_options() fails will cause
use-after-free and double-free in jffs2_kill_sb()
Reference: commit 92e2921f7eee6345 ("jffs2: free jffs2_sb_info through
jffs2_kill_sb()")
This makes the code difficult to