From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57500) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c4Q5C-0006ch-Tv for qemu-devel@nongnu.org; Wed, 09 Nov 2016 05:26:20 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c4Q58-0004ey-R9 for qemu-devel@nongnu.org; Wed, 09 Nov 2016 05:26:18 -0500 Received: from mx5-phx2.redhat.com ([209.132.183.37]:48570) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1c4Q58-0004cV-JN for qemu-devel@nongnu.org; Wed, 09 Nov 2016 05:26:14 -0500 Date: Wed, 9 Nov 2016 05:26:12 -0500 (EST) From: =?utf-8?Q?Marc-Andr=C3=A9?= Lureau Message-ID: <2062613471.438695.1478687172612.JavaMail.zimbra@redhat.com> In-Reply-To: <20161109102239.GB22181@redhat.com> References: <20161109101815.9057-1-marcandre.lureau@redhat.com> <20161109102239.GB22181@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] [PATCH] cipher: fix leak on initialization error List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" Cc: =?utf-8?Q?Marc-Andr=C3=A9?= Lureau , qemu-devel@nongnu.org Hi ----- Original Message ----- > On Wed, Nov 09, 2016 at 02:18:15PM +0400, Marc-Andr=C3=A9 Lureau wrote: > > If ctx->blocksize !=3D XTS_BLOCK_SIZE, ctx will be leaked. > > Assign ctx earler, and call qcrypto_cipher_free() on error. > >=20 > > Spotted thanks to ASAN. > >=20 > > Signed-off-by: Marc-Andr=C3=A9 Lureau > > --- > > crypto/cipher-nettle.c | 15 ++++++++------- > > 1 file changed, 8 insertions(+), 7 deletions(-) > >=20 > > diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c > > index cd094cd..593962c 100644 > > --- a/crypto/cipher-nettle.c > > +++ b/crypto/cipher-nettle.c > > @@ -376,6 +376,7 @@ QCryptoCipher > > *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, > > goto error; > > } >=20 > 'ctx' is non-NULL at this point and there's a 'goto error' just > above here.... >=20 Right, fixing it sending v2 > > =20 > > + cipher->opaque =3D ctx; > > if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS && > > ctx->blocksize !=3D XTS_BLOCK_SIZE) { > > error_setg(errp, "Cipher block size %zu must equal XTS block s= ize > > %d", > > @@ -384,13 +385,11 @@ QCryptoCipher > > *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, > > } > > =20 > > ctx->iv =3D g_new0(uint8_t, ctx->blocksize); > > - cipher->opaque =3D ctx; > > =20 > > return cipher; > > =20 > > error: > > - g_free(cipher); > > - g_free(ctx); > > + qcrypto_cipher_free(cipher); > > return NULL; > > } >=20 >=20 > ...so you're leaking 'ctx' now, since it hasn't been assigned > to cipher->ctx. >=20 > You need to move 'cipher->opque =3D ctx' to the place where we > initially allocate 'ctx', before any gotos at which point.... >=20 > > =20 > > @@ -404,10 +403,12 @@ void qcrypto_cipher_free(QCryptoCipher *cipher) > > } > > =20 > > ctx =3D cipher->opaque; > > - g_free(ctx->iv); > > - g_free(ctx->ctx); > > - g_free(ctx->ctx_tweak); > > - g_free(ctx); > > + if (ctx) { > > + g_free(ctx->iv); > > + g_free(ctx->ctx); > > + g_free(ctx->ctx_tweak); > > + g_free(ctx); > > + } > > g_free(cipher); > > } >=20 > ...this change is not needed >=20 > Regards, > Daniel > -- > |: http://berrange.com -o- http://www.flickr.com/photos/dberrange= / :| > |: http://libvirt.org -o- http://virt-manager.or= g :| > |: http://entangle-photo.org -o- http://search.cpan.org/~danberr= / :| >=20