| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <a0f6ad87c1b9e04304e2ff4b4ddad92e7415f21f.1492085165.git.christophe.jaillet@wanadoo.fr>
Date: Thu, 13 Apr 2017 14:14:30 +0200
From: Christophe JAILLET <christophe.jaillet@...adoo.fr>
To: herbert@...dor.apana.org.au, davem@...emloft.net,
harsh@...lsio.com, hariprasad@...lsio.com
Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org,
Christophe JAILLET <christophe.jaillet@...adoo.fr>
Subject: [PATCH 2/2] crypto: chcr - Fix error checking
If 'chcr_alloc_shash()' a few lines above fails, 'base_hash' can be an
error pointer when we 'goto out'.
So checking for NULL here is not enough because it is likely that
'chcr_free_shash' will crash if we pass an error pointer.
Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
---
Another solution, amybe safer, would be to instrument 'chcr_free_shash' or
'crypto_free_shash' to accept an error pointer and return immediatelly in
such a case.
---
drivers/crypto/chelsio/chcr_algo.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c
index f19590ac8775..41750b97f43c 100644
--- a/drivers/crypto/chelsio/chcr_algo.c
+++ b/drivers/crypto/chelsio/chcr_algo.c
@@ -2351,7 +2351,7 @@ static int chcr_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
}
out:
aeadctx->enckey_len = 0;
- if (base_hash)
+ if (!IS_ERR_OR_NULL(base_hash))
chcr_free_shash(base_hash);
return -EINVAL;
}
--
2.11.0
Powered by blists - more mailing lists