Eric Biggers wrote:
> Fix this by removing the call to key_revoke(). key_put() is sufficient,
> as it's not possible for an uninstantiated authkey to have been used for
> anything yet.
Note that the owner can call keyctl_describe() upon it, though that shouldn't
wait because KEY_LOOKUP_PARTIAL
From: Eric Biggers
If key_instantiate_and_link() were to fail (which fortunately isn't
possible currently), the call to key_revoke(authkey) would crash with a
NULL pointer dereference in request_key_auth_revoke() because the key
has not yet been instantiated.
Fix this by removing the call to key
2 matches
Mail list logo