RE: [PATCH](updated) rfc4106, Intel, AES-NI: Don't leak memory in rfc4106_set_hash_subkey()..

Jesper Juhl Fri, 11 Feb 2011 13:10:52 -0800

On Fri, 11 Feb 2011, Jesper Juhl wrote:

> On Fri, 11 Feb 2011, Paoloni, Gabriele wrote:
> 
> > Well anyway I think that the return value of 
> > "ablkcipher_request_alloc(ctr_tfm, GFP_KERNEL)" has to be changed from 
> > -EINVAL to -ENOMEM in case of failure. That is why would stay on the patch 
> > that Tadeusz proposed. Otherwise Juhl should send another one....
> > 
> I'll take a look again later this evening when I get home from work.
> 
Hopefully this takes care of all complaints and can actually get merged so 
we can get the leak fixed (patch is against current cryptodev-2.6 tree).



Fix up previous patch that failed to properly fix mem leak in 
rfc4106_set_hash_subkey(). This add-on patch; fixes the leak. moves 
kfree() out of the error path, returns -ENOMEM rather than -EINVAL when 
ablkcipher_request_alloc() fails.

Signed-off-by: Jesper Juhl <j...@chaosbits.net>
---
 aesni-intel_glue.c |   13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c 
b/arch/x86/crypto/aesni-intel_glue.c
index e013552..502b76d 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -876,17 +876,15 @@ rfc4106_set_hash_subkey(u8 *hash_subkey, const u8 *key, 
unsigned int key_len)
        if (ret)
                goto out;
 
+       ret = -ENOMEM;
        req = ablkcipher_request_alloc(ctr_tfm, GFP_KERNEL);
-       if (!req) {
-               ret = -EINVAL;
+       if (!req)
                goto out_free_ablkcipher;
-       }
 
        req_data = kmalloc(sizeof(*req_data), GFP_KERNEL);
-       if (!req_data) {
-               ret = -ENOMEM;
+       if (!req_data)
                goto out_free_request;
-       }
+
        memset(req_data->iv, 0, sizeof(req_data->iv));
 
        /* Clear the data in the hash sub key container to zero.*/
@@ -911,12 +909,11 @@ rfc4106_set_hash_subkey(u8 *hash_subkey, const u8 *key, 
unsigned int key_len)
                if (!ret)
                        ret = req_data->result.err;
        }
+       kfree(req_data);
 out_free_request:
        ablkcipher_request_free(req);
-       kfree(req_data);
 out_free_ablkcipher:
        crypto_free_ablkcipher(ctr_tfm);
-out:
        return ret;
 }
 


-- 
Jesper Juhl <j...@chaosbits.net>            http://www.chaosbits.net/
Plain text mails only, please.
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

RE: [PATCH](updated) rfc4106, Intel, AES-NI: Don't leak memory in rfc4106_set_hash_subkey()..

Reply via email to