| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Sep 2017 19:51:08 +0300
From: Vasily Averin <vvs@...tuozzo.com>
To: keyrings@...r.kernel.org
Cc: David Howells <dhowells@...hat.com>,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org,
James Morris <james.l.morris@...cle.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Konstantin Khorenko <khorenko@...tuozzo.com>
Subject: [PATCH] KEYS: key refcounting cleanup in keyctl_read_key
key_put is lost if key_permission() returns non-EACCES error
Fixes: 29db919063406 ("Keys: Add LSM hooks for key management [try #3]")
Reported-by: Konstantin Khorenko <khorenko@...tuozzo.com>
Signed-off-by: Vasily Averin <vvs@...tuozzo.com>
---
security/keys/keyctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index ab0b337..70efb2d 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -771,7 +771,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
if (ret == 0)
goto can_read_key;
if (ret != -EACCES)
- goto error;
+ goto error2;
/* we can't; see if it's searchable from this process's keyrings
* - we automatically take account of the fact that it may be
--
2.7.4
Powered by blists - more mailing lists