| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160216090851.GS29699@soda.linbit>
Date: Tue, 16 Feb 2016 10:08:51 +0100
From: Lars Ellenberg <lars.ellenberg@...bit.com>
To: Insu Yun <wuninsu@...il.com>
Cc: philipp.reisner@...bit.com, drbd-dev@...ts.linbit.com,
linux-kernel@...r.kernel.org, taesoo@...ech.edu,
yeongjin.jang@...ech.edu, insu@...ech.edu, changwoo@...ech.edu
Subject: Re: [PATCH] drbd: correctly handling failed crypto_alloc_hash
On Mon, Feb 15, 2016 at 09:26:25PM -0500, Insu Yun wrote:
> crypto_alloc_hash returns an error code, not NULL.
You are correct, of course. Was broken since its introduction
five years ago. Strange though, we have a helper function further
down in that file, and other, even much older, call sites as well,
which are doing the IS_ERR() correctly.
Apparently no-one ever requested a non-supported alg.
> Signed-off-by: Insu Yun <wuninsu@...il.com>
> ---
> drivers/block/drbd/drbd_receiver.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index 1957fe8..9063462 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -3403,7 +3403,7 @@ static int receive_protocol(struct drbd_connection *connection, struct packet_in
> */
>
> peer_integrity_tfm = crypto_alloc_hash(integrity_alg, 0, CRYPTO_ALG_ASYNC);
> - if (!peer_integrity_tfm) {
> + if (IS_ERR(peer_integrity_tfm)) {
> drbd_err(connection, "peer data-integrity-alg %s not supported\n",
> integrity_alg);
> goto disconnect;
Your patch is incomplete, though:
the first action in the "disconnect" cleanup path is
crypto_free_hash(peer_integrity_tfm);
so we better make sure it is not trying to free an error pointer:
diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
index c097909..6054c53 100644
--- a/drivers/block/drbd/drbd_receiver.c
+++ b/drivers/block/drbd/drbd_receiver.c
@@ -3376,7 +3376,8 @@ static int receive_protocol(struct drbd_connection *connection, struct packet_in
*/
peer_integrity_tfm = crypto_alloc_hash(integrity_alg, 0, CRYPTO_ALG_ASYNC);
- if (!peer_integrity_tfm) {
+ if (IS_ERR(peer_integrity_tfm)) {
+ peer_integrity_tfm = NULL;
drbd_err(connection, "peer data-integrity-alg %s not supported\n",
integrity_alg);
goto disconnect;
Thanks,
Lars
Powered by blists - more mailing lists