| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Nov 2017 11:12:07 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org,
Tudor Ambarus <tudor.ambarus@...rochip.com>,
Herbert Xu <herbert@...dor.apana.org.au>
Subject: [PATCH 4.9 15/25] crypto: dh - fix memleak in setkey
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Tudor-Dan Ambarus <tudor.ambarus@...rochip.com>
commit ee34e2644a78e2561742bea8c4bdcf83cabf90a7 upstream.
setkey can be called multiple times during the existence
of the transformation object. In case of multiple setkey calls,
the old key was not freed and we leaked memory.
Free the old MPI key if any.
Signed-off-by: Tudor Ambarus <tudor.ambarus@...rochip.com>
Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
crypto/dh.c | 3 +++
1 file changed, 3 insertions(+)
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -84,6 +84,9 @@ static int dh_set_secret(struct crypto_k
struct dh_ctx *ctx = dh_get_ctx(tfm);
struct dh params;
+ /* Free the old MPI key if any */
+ dh_free_ctx(ctx);
+
if (crypto_dh_decode_key(buf, len, ¶ms) < 0)
return -EINVAL;
Powered by blists - more mailing lists