| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Sep 2013 12:59:29 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Dominik Paulus <dominik.paulus@....de>
Cc: usbip-devel@...ts.sourceforge.net,
Anthony Foiani <anthony.foiani@...il.com>,
devel@...verdev.osuosl.org, linux-kernel@...cs.fau.de,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-usb@...r.kernel.org,
Kurt Kanzenbach <ly80toro@....cs.fau.de>,
Tobias Polzer <tobias.polzer@....de>,
Harvey Yang <harvey.huawei.yang@...il.com>,
linux-kernel@...r.kernel.org,
Ilija Hadzic <ihadzic@...earch.bell-labs.com>,
Bart Westgeest <bart@...rys.com>,
Joe Perches <joe@...ches.com>,
Jake Champlin <jake.champlin.27@...il.com>,
Stefan Reif <ke42caxa@....cs.fau.de>,
Bernard Blackham <b-linuxgit@...gestprime.net>
Subject: Re: [PATCH 5/7] staging: usbip: Add encryption support to kernel
On Thu, Sep 19, 2013 at 04:11:57PM +0200, Dominik Paulus wrote:
> +int usbip_init_crypto(struct usbip_device *ud, unsigned char *sendkey, unsigned
> + char *recvkey)
> +{
> + int ret;
> +
> + ud->use_crypto = 1;
> +
> + ud->tfm_recv = crypto_alloc_aead("gcm(aes)", 0, 0);
> + if (IS_ERR(ud->tfm_recv))
> + return -PTR_ERR(ud->tfm_recv);
PTR_ERR() already returns a negative.
> + ud->tfm_send = crypto_alloc_aead("gcm(aes)", 0, 0);
> + if (IS_ERR(ud->tfm_send)) {
> + crypto_free_aead(ud->tfm_recv);
> + return -PTR_ERR(ud->tfm_send);
Again. All the uses of PTR_ERR() in this patch have the same problem.
> + plainbuf = kmalloc(USBIP_PACKETSIZE, GFP_KERNEL);
> + if (IS_ERR(plainbuf))
> + return -PTR_ERR(plainbuf);
kmalloc() returns NULL on error and not an ERR_PTR. All the calls to
kmalloc() have this problem.
> + cipherbuf = kmalloc(USBIP_PACKETSIZE, GFP_KERNEL);
> + if (IS_ERR(cipherbuf)) {
> + kfree(plainbuf);
> + return -PTR_ERR(cipherbuf);
> + }
> +
> + while (total < size) {
> + uint32_t packetsize;
> + struct kvec recvvec;
> +
> + /*
> + * We use a global kfifo to buffer unrequested plaintext bytes.
> + * Flush this buffer first before receiving new data.
> + */
> + if (kfifo_len(&ud->recv_queue)) {
> + size_t next = min_t(size_t, kfifo_len(&ud->recv_queue),
> + size - total);
> + /* No error checking necessary - see previous line */
> + ret = kfifo_out(&ud->recv_queue, ((char *)
> + vec[0].iov_base)+total, next);
The comment assume there is only one reader and one writer at a time,
yes? The casting is not needed:
ret = kfifo_out(&ud->recv_queue,
vec[0].iov_base + total, next);
v> + total += next;
> + continue;
> + }
> +
> + /* See usbip_sendmsg() for the format of one encrypted packet */
> +
> + /*
> + * Receive size of next crypto packet
> + */
> + recvvec.iov_base = &packetsize;
> + recvvec.iov_len = sizeof(packetsize);
> +
> + ret = kernel_recvmsg(ud->tcp_socket, msg, &recvvec, 1,
> + sizeof(packetsize), flags);
> + packetsize = be32_to_cpu(packetsize);
> + if (ret <= 0) {
I think a return of zero should mean total = -EBADMSG;. In other words
this check should be "if (ret < 0) {" and we hit the next else if.
Same below again.
> + total = ret;
> + goto err;
> + } else if (ret != sizeof(packetsize)) {
> + total = -EBADMSG;
> + goto err;
> + }
> +
> + if (packetsize > USBIP_PACKETSIZE) {
> + total = -EBADMSG;
> + goto err;
> + }
> +
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists