| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Nov 2012 14:34:31 +0200 From: Tommi Rantala <tt.rantala@...il.com> To: linux-kernel@...r.kernel.org Cc: Dave Jones <davej@...hat.com>, Tommi Rantala <tt.rantala@...il.com>, David Howells <dhowells@...hat.com>, James Morris <james.l.morris@...cle.com>, keyrings@...ux-nfs.org, linux-security-module@...r.kernel.org Subject: [PATCH] KEYS: fix KEYCTL_INSTANTIATE_IOV error case memory leak Avoid leaking memory in the keyctl() KEYCTL_INSTANTIATE_IOV operation, by also checking in the error case if rw_copy_check_uvector() kmalloc'd memory for us. Discovered with Trinity. Signed-off-by: Tommi Rantala <tt.rantala@...il.com> --- security/keys/keyctl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 5d34b4e..a2c32a2 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -1132,12 +1132,13 @@ long keyctl_instantiate_key_iov(key_serial_t id, ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc, ARRAY_SIZE(iovstack), iovstack, &iov); if (ret < 0) - return ret; + goto out; if (ret == 0) goto no_payload_free; ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid); +out: if (iov != iovstack) kfree(iov); return ret; -- 1.7.9.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists