lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231227.130342.618032792909202594.syoshida@redhat.com> Date: Wed, 27 Dec 2023 13:03:42 +0900 (JST) From: Shigeru Yoshida <syoshida@...hat.com> To: herbert@...dor.apana.org.au Cc: davem@...emloft.net, dhowells@...hat.com, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] crypto: af_alg/hash: Fix uninit-value access in af_alg_free_sg() On Fri, 22 Dec 2023 11:42:43 +0800, Herbert Xu wrote: > On Mon, Dec 11, 2023 at 10:59:49PM +0900, Shigeru Yoshida wrote: >> >> Fixes: c662b043cdca ("crypto: af_alg/hash: Support MSG_SPLICE_PAGES") > > I think it should actually be > > b6d972f6898308fbe7e693bf8d44ebfdb1cd2dc4 > crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE) > > Anyway, I think we should fix it by adding a new goto label that > does not free the SG list: > > unlock_free: > af_alg_free_sg(&ctx->sgl); > <--- Add new label here > hash_free_result(sk, ctx); > ctx->more = false; > goto unlock; Thanks for the feedback, and sorry for the late response. I'll check the code again, and send v2 patch. Thanks, Shigeru > > Thanks, > -- > Email: Herbert Xu <herbert@...dor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt >
Powered by blists - more mailing lists