| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Apr 2017 17:04:16 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Christophe JAILLET <christophe.jaillet@...adoo.fr>
Cc: herbert@...dor.apana.org.au, davem@...emloft.net,
harsh@...lsio.com, hariprasad@...lsio.com,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH 2/2] crypto: chcr - Fix error checking
On Thu, Apr 13, 2017 at 02:14:30PM +0200, Christophe JAILLET wrote:
> If 'chcr_alloc_shash()' a few lines above fails, 'base_hash' can be an
> error pointer when we 'goto out'.
> So checking for NULL here is not enough because it is likely that
> 'chcr_free_shash' will crash if we pass an error pointer.
>
> Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
> ---
> Another solution, amybe safer, would be to instrument 'chcr_free_shash' or
> 'crypto_free_shash' to accept an error pointer and return immediatelly in
> such a case.
> ---
> drivers/crypto/chelsio/chcr_algo.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c
> index f19590ac8775..41750b97f43c 100644
> --- a/drivers/crypto/chelsio/chcr_algo.c
> +++ b/drivers/crypto/chelsio/chcr_algo.c
> @@ -2351,7 +2351,7 @@ static int chcr_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
> }
> out:
> aeadctx->enckey_len = 0;
> - if (base_hash)
> + if (!IS_ERR_OR_NULL(base_hash))
> chcr_free_shash(base_hash);
Ah... Ok. Fine, but redo the first patch anyway because it shouldn't
ever be NULL.
regards,
dan carpenter
Powered by blists - more mailing lists