Patch "libceph: fix crypto key null deref, memory leak" has been added to the 3.4-stable tree

[gregkh]

This is a note to let you know that I've just added the patch titled

    libceph: fix crypto key null deref, memory leak

to the 3.4-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     0106-libceph-fix-crypto-key-null-deref-memory-leak.patch
and it can be found in the queue-3.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From b7dfcf07b04fda8c8ba6cf17ea5477e9b79f9bc8 Mon Sep 17 00:00:00 2001
From: Sylvain Munaut <t...@246tnt.com>
Date: Thu, 2 Aug 2012 09:12:59 -0700
Subject: libceph: fix crypto key null deref, memory leak

From: Sylvain Munaut <t...@246tnt.com>

(cherry picked from commit f0666b1ac875ff32fe290219b150ec62eebbe10e)

Avoid crashing if the crypto key payload was NULL, as when it was not correctly
allocated and initialized.  Also, avoid leaking it.

Signed-off-by: Sylvain Munaut <t...@246tnt.com>
Signed-off-by: Sage Weil <s...@inktank.com>
Reviewed-by: Alex Elder <el...@inktank.com>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
 net/ceph/crypto.c |    1 +
 net/ceph/crypto.h |    3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -466,6 +466,7 @@ void ceph_key_destroy(struct key *key) {
        struct ceph_crypto_key *ckey = key->payload.data;
 
        ceph_crypto_key_destroy(ckey);
+       kfree(ckey);
 }
 
 struct key_type key_type_ceph = {
--- a/net/ceph/crypto.h
+++ b/net/ceph/crypto.h
@@ -16,7 +16,8 @@ struct ceph_crypto_key {
 
 static inline void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
 {
-       kfree(key->key);
+       if (key)
+               kfree(key->key);
 }
 
 extern int ceph_crypto_key_clone(struct ceph_crypto_key *dst,


Patches currently in stable-queue which might be from t...@246tnt.com are

queue-3.4/0106-libceph-fix-crypto-key-null-deref-memory-leak.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html