From: Christian Engelmayer <cengelma@gmx.at>
To: tim.c.chen@linux.intel.com
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/3] crypto: Fix potential leak in test_aead_speed() if aad_size is too big
Date: Mon, 21 Apr 2014 20:45:59 +0200 [thread overview]
Message-ID: <20140421204559.75b8aa71@spike> (raw)
In-Reply-To: <20140421204439.7999f1c6@spike>
[-- Attachment #1: Type: text/plain, Size: 1305 bytes --]
Fix a potential memory leak in the error handling of test_aead_speed(). In case
the size check on the associate data length parameter fails, the function goes
through the wrong exit label. Reported by Coverity - CID 1163870.
Signed-off-by: Christian Engelmayer <cengelma@gmx.at>
---
crypto/tcrypt.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 870be7b..1856d7f 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -282,6 +282,11 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
unsigned int *b_size;
unsigned int iv_len;
+ if (aad_size >= PAGE_SIZE) {
+ pr_err("associate data length (%u) too big\n", aad_size);
+ return;
+ }
+
if (enc == ENCRYPT)
e = "encryption";
else
@@ -323,14 +328,7 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
b_size = aead_sizes;
do {
assoc = axbuf[0];
-
- if (aad_size < PAGE_SIZE)
- memset(assoc, 0xff, aad_size);
- else {
- pr_err("associate data length (%u) too big\n",
- aad_size);
- goto out_nosg;
- }
+ memset(assoc, 0xff, aad_size);
sg_init_one(&asg[0], assoc, aad_size);
if ((*keysize + *b_size) > TVMEMSIZE * PAGE_SIZE) {
--
1.9.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2014-04-21 18:51 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-21 18:44 [PATCH 0/3] Cleanup ressource leaks in test_aead_speed() Christian Engelmayer
2014-04-21 18:45 ` Christian Engelmayer [this message]
2014-04-22 23:33 ` [PATCH 1/3] crypto: Fix potential leak in test_aead_speed() if aad_size is too big Marek Vasut
2014-04-23 17:43 ` Christian Engelmayer
2014-04-23 17:44 ` Marek Vasut
2014-04-23 17:20 ` Tim Chen
2014-04-21 18:46 ` [PATCH 2/3] crypto: Fix potential leak in test_aead_speed() if crypto_alloc_aead() fails Christian Engelmayer
2014-04-22 23:35 ` Marek Vasut
2014-04-23 17:20 ` Tim Chen
2014-04-21 18:47 ` [PATCH 3/3] crypto: Fix leak of struct aead_request in test_aead_speed() Christian Engelmayer
2014-04-22 23:36 ` Marek Vasut
2014-04-23 17:26 ` Tim Chen
2014-04-28 10:25 ` [PATCH 0/3] Cleanup ressource leaks " Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140421204559.75b8aa71@spike \
--to=cengelma@gmx.at \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tim.c.chen@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.