| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jan 2021 15:57:15 +0800
From: Zhihao Cheng <chengzhihao1@...wei.com>
To: Dinghao Liu <dinghao.liu@....edu.cn>, <kjlu@....edu>
CC: Richard Weinberger <richard@....at>,
Sascha Hauer <s.hauer@...gutronix.de>,
<linux-mtd@...ts.infradead.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] ubifs: Fix memleak in ubifs_init_authentication
在 2021/1/5 14:03, Dinghao Liu 写道:
> When crypto_shash_digestsize() fails, c->hmac_tfm
> has not been freed before returning, which leads
> to memleak.
>
> Fixes: 49525e5eecca5 ("ubifs: Add helper functions for authentication support")
> Signed-off-by: Dinghao Liu <dinghao.liu@....edu.cn>
Reviewed-by: Zhihao Cheng <chengzhihao1@...wei.com>
> ---
> fs/ubifs/auth.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
> index 51a7c8c2c3f0..e564d5ff8781 100644
> --- a/fs/ubifs/auth.c
> +++ b/fs/ubifs/auth.c
> @@ -327,7 +327,7 @@ int ubifs_init_authentication(struct ubifs_info *c)
> ubifs_err(c, "hmac %s is bigger than maximum allowed hmac size (%d > %d)",
> hmac_name, c->hmac_desc_len, UBIFS_HMAC_ARR_SZ);
> err = -EINVAL;
> - goto out_free_hash;
> + goto out_free_hmac;
> }
>
> err = crypto_shash_setkey(c->hmac_tfm, ukp->data, ukp->datalen);
>
Powered by blists - more mailing lists