From: "Longpeng (Mike)" <longpeng2@huawei.com>
To: Eric Blake <eblake@redhat.com>
Cc: berrange@redhat.com, pbonzini@redhat.com,
arei.gonglei@huawei.com, qemu-devel@nongnu.org,
Markus Armbruster <armbru@redhat.com>,
Stefan Hajnoczi <stefanha@gmail.com>
Subject: Re: [Qemu-devel] [PATCH] crypto: afalg: fix a NULL pointer dereference
Date: Tue, 7 Nov 2017 10:27:10 +0800 [thread overview]
Message-ID: <5A0119FE.6060709@huawei.com> (raw)
In-Reply-To: <d465b265-2f07-34df-4474-d5dd57ec7443@redhat.com>
On 2017/11/7 1:00, Eric Blake wrote:
> On 11/06/2017 12:21 AM, Longpeng(Mike) wrote:
>> Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with
>> errp=NULL, this will cause a NULL poniter deference if afalg_driver
>
> s/poniter deference/pointer dereference/
>
OK.
>> doesn't support requested algos:
>> ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
>> result, resultlen,
>> errp);
>> if (ret == 0) {
>> return ret;
>> }
>>
>> error_free(*errp); // <--- here
>>
>> So we must check 'errp & *errp' before dereference.
>
> No, if we are going to blindly ignore the error from the hash_bytesv()
> call, then we should pass NULL rather than errp.
>
The 'errp' in this palce is convenient for debug, it can tell us the reason for
failure without stepping into afalg_driver's hash_bytesv().
>>
>> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
>> ---
>> crypto/hash.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/crypto/hash.c b/crypto/hash.c
>> index ac59c63..c464c78 100644
>> --- a/crypto/hash.c
>> +++ b/crypto/hash.c
>> @@ -60,7 +60,9 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
>> * TODO:
>> * Maybe we should treat some afalg errors as fatal
>> */
>> - error_free(*errp);
>> + if (errp && *errp) {
>> + error_free(*errp);
>> + }
>
> Any code that uses 'if (errp && *errp)' is suspicious; I think you need
I see, thanks a lot.
> a v2 that doesn't try to set errp in the first place, rather than
> cleaning it up to ignore it after the fact.
>
I answered above.
How about the following approach?
int qcrypto_hash_bytesv(...Error **errp)
{
#ifdef CONFIG_AF_ALG
int ret;
Error *err2 = NULL;
ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
result, resultlen,
&err2);
if (ret == 0) {
return ret;
}
error_free(*err2);
#endif
return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
result, resultlen,
errp);
}
I'll send a V2 if there's no objection, otherwise I'll pick your suggested
approach. :)
--
Regards,
Longpeng(Mike)
next prev parent reply other threads:[~2017-11-07 2:27 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-06 6:21 [Qemu-devel] [PATCH] crypto: afalg: fix a NULL pointer dereference Longpeng(Mike)
2017-11-06 10:21 ` Gonglei (Arei)
2017-11-06 17:00 ` Eric Blake
2017-11-07 2:27 ` Longpeng (Mike) [this message]
2017-11-07 9:16 ` Daniel P. Berrange
2017-11-07 9:32 ` Longpeng (Mike)
2017-11-06 17:18 ` Stefan Hajnoczi
2017-11-07 1:13 ` Longpeng (Mike)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5A0119FE.6060709@huawei.com \
--to=longpeng2@huawei.com \
--cc=arei.gonglei@huawei.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).