From: "Marc-André Lureau" <mlureau@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: "Marc-André Lureau" <marcandre.lureau@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] cipher: fix leak on initialization error
Date: Wed, 9 Nov 2016 05:26:12 -0500 (EST) [thread overview]
Message-ID: <2062613471.438695.1478687172612.JavaMail.zimbra@redhat.com> (raw)
In-Reply-To: <20161109102239.GB22181@redhat.com>
Hi
----- Original Message -----
> On Wed, Nov 09, 2016 at 02:18:15PM +0400, Marc-André Lureau wrote:
> > If ctx->blocksize != XTS_BLOCK_SIZE, ctx will be leaked.
> > Assign ctx earler, and call qcrypto_cipher_free() on error.
> >
> > Spotted thanks to ASAN.
> >
> > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> > ---
> > crypto/cipher-nettle.c | 15 ++++++++-------
> > 1 file changed, 8 insertions(+), 7 deletions(-)
> >
> > diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
> > index cd094cd..593962c 100644
> > --- a/crypto/cipher-nettle.c
> > +++ b/crypto/cipher-nettle.c
> > @@ -376,6 +376,7 @@ QCryptoCipher
> > *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
> > goto error;
> > }
>
> 'ctx' is non-NULL at this point and there's a 'goto error' just
> above here....
>
Right, fixing it sending v2
> >
> > + cipher->opaque = ctx;
> > if (mode == QCRYPTO_CIPHER_MODE_XTS &&
> > ctx->blocksize != XTS_BLOCK_SIZE) {
> > error_setg(errp, "Cipher block size %zu must equal XTS block size
> > %d",
> > @@ -384,13 +385,11 @@ QCryptoCipher
> > *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
> > }
> >
> > ctx->iv = g_new0(uint8_t, ctx->blocksize);
> > - cipher->opaque = ctx;
> >
> > return cipher;
> >
> > error:
> > - g_free(cipher);
> > - g_free(ctx);
> > + qcrypto_cipher_free(cipher);
> > return NULL;
> > }
>
>
> ...so you're leaking 'ctx' now, since it hasn't been assigned
> to cipher->ctx.
>
> You need to move 'cipher->opque = ctx' to the place where we
> initially allocate 'ctx', before any gotos at which point....
>
> >
> > @@ -404,10 +403,12 @@ void qcrypto_cipher_free(QCryptoCipher *cipher)
> > }
> >
> > ctx = cipher->opaque;
> > - g_free(ctx->iv);
> > - g_free(ctx->ctx);
> > - g_free(ctx->ctx_tweak);
> > - g_free(ctx);
> > + if (ctx) {
> > + g_free(ctx->iv);
> > + g_free(ctx->ctx);
> > + g_free(ctx->ctx_tweak);
> > + g_free(ctx);
> > + }
> > g_free(cipher);
> > }
>
> ...this change is not needed
>
> Regards,
> Daniel
> --
> |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
> |: http://libvirt.org -o- http://virt-manager.org :|
> |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
>
prev parent reply other threads:[~2016-11-09 10:26 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-09 10:18 [Qemu-devel] [PATCH] cipher: fix leak on initialization error Marc-André Lureau
2016-11-09 10:22 ` Daniel P. Berrange
2016-11-09 10:26 ` Marc-André Lureau [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2062613471.438695.1478687172612.JavaMail.zimbra@redhat.com \
--to=mlureau@redhat.com \
--cc=berrange@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).