From: Pan Bian <[email protected]>
In function public_key_verify_signature(), returns variable ret on
error paths. When the call to kmalloc() fails, the value of ret is 0,
and it is not set to an errno before returning. This patch fixes the
bug.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=188891
Signed-off-by: Pan Bian <[email protected]>
Signed-off-by: David Howells <[email protected]>
---
crypto/asymmetric_keys/public_key.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index fd76b5fc3b3a..d3a989e718f5 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -121,6 +121,7 @@ int public_key_verify_signature(const struct public_key *pkey,
if (ret)
goto error_free_req;
+ ret = -ENOMEM;
outlen = crypto_akcipher_maxsize(tfm);
output = kmalloc(outlen, GFP_KERNEL);
if (!output)
On Mon, 12 Dec 2016, David Howells wrote:
> From: Pan Bian <[email protected]>
>
> In function public_key_verify_signature(), returns variable ret on
> error paths. When the call to kmalloc() fails, the value of ret is 0,
> and it is not set to an errno before returning. This patch fixes the
> bug.
>
> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=188891
>
> Signed-off-by: Pan Bian <[email protected]>
> Signed-off-by: David Howells <[email protected]>
> ---
These crypto patches should probably go via Herbert's tree.
>
> crypto/asymmetric_keys/public_key.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
> index fd76b5fc3b3a..d3a989e718f5 100644
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -121,6 +121,7 @@ int public_key_verify_signature(const struct public_key *pkey,
> if (ret)
> goto error_free_req;
>
> + ret = -ENOMEM;
> outlen = crypto_akcipher_maxsize(tfm);
> output = kmalloc(outlen, GFP_KERNEL);
> if (!output)
>
--
James Morris
<[email protected]>
On Tue, Dec 13, 2016 at 08:53:11AM +1100, James Morris wrote:
> On Mon, 12 Dec 2016, David Howells wrote:
>
> > From: Pan Bian <[email protected]>
> >
> > In function public_key_verify_signature(), returns variable ret on
> > error paths. When the call to kmalloc() fails, the value of ret is 0,
> > and it is not set to an errno before returning. This patch fixes the
> > bug.
> >
> > Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=188891
> >
> > Signed-off-by: Pan Bian <[email protected]>
> > Signed-off-by: David Howells <[email protected]>
> > ---
>
> These crypto patches should probably go via Herbert's tree.
OK but someone will need to post them to linux-crypto first.
I know the originals went that way but David's repost doesn't
seem to be in patchwork.
Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt