From: Christian Engelmayer <cengelma@gmx.at>
To: tim.c.chen@linux.intel.com
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/3] crypto: Fix potential leak in test_aead_speed() if aad_size is too big
Date: Mon, 21 Apr 2014 20:45:59 +0200 [thread overview]
Message-ID: <20140421204559.75b8aa71@spike> (raw)
In-Reply-To: <20140421204439.7999f1c6@spike>
[-- Attachment #1: Type: text/plain, Size: 1305 bytes --]
Fix a potential memory leak in the error handling of test_aead_speed(). In case
the size check on the associate data length parameter fails, the function goes
through the wrong exit label. Reported by Coverity - CID 1163870.
Signed-off-by: Christian Engelmayer <cengelma@gmx.at>
---
crypto/tcrypt.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 870be7b..1856d7f 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -282,6 +282,11 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
unsigned int *b_size;
unsigned int iv_len;
+ if (aad_size >= PAGE_SIZE) {
+ pr_err("associate data length (%u) too big\n", aad_size);
+ return;
+ }
+
if (enc == ENCRYPT)
e = "encryption";
else
@@ -323,14 +328,7 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
b_size = aead_sizes;
do {
assoc = axbuf[0];
-
- if (aad_size < PAGE_SIZE)
- memset(assoc, 0xff, aad_size);
- else {
- pr_err("associate data length (%u) too big\n",
- aad_size);
- goto out_nosg;
- }
+ memset(assoc, 0xff, aad_size);
sg_init_one(&asg[0], assoc, aad_size);
if ((*keysize + *b_size) > TVMEMSIZE * PAGE_SIZE) {
--
1.9.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2014-04-21 18:51 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-21 18:44 [PATCH 0/3] Cleanup ressource leaks in test_aead_speed() Christian Engelmayer
2014-04-21 18:45 ` Christian Engelmayer [this message]
2014-04-22 23:33 ` [PATCH 1/3] crypto: Fix potential leak in test_aead_speed() if aad_size is too big Marek Vasut
2014-04-23 17:43 ` Christian Engelmayer
2014-04-23 17:44 ` Marek Vasut
2014-04-23 17:20 ` Tim Chen
2014-04-21 18:46 ` [PATCH 2/3] crypto: Fix potential leak in test_aead_speed() if crypto_alloc_aead() fails Christian Engelmayer
2014-04-22 23:35 ` Marek Vasut
2014-04-23 17:20 ` Tim Chen
2014-04-21 18:47 ` [PATCH 3/3] crypto: Fix leak of struct aead_request in test_aead_speed() Christian Engelmayer
2014-04-22 23:36 ` Marek Vasut
2014-04-23 17:26 ` Tim Chen
2014-04-28 10:25 ` [PATCH 0/3] Cleanup ressource leaks " Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140421204559.75b8aa71@spike \
--to=cengelma@gmx.at \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tim.c.chen@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox