This patch frees the payload at the end of the instantiate
method of both trusted and encrypted key types if an error occurs.
Signed-off-by: Roberto Sassu <[email protected]>
---
security/keys/encrypted_defined.c | 6 ++++++
security/keys/trusted_defined.c | 4 ++++
2 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index 54c0f0f..8426e66 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -624,7 +624,13 @@ static int encrypted_instantiate(struct key *key, const void *data,
}
ret = encrypted_init(epayload, master_desc, decrypted_datalen,
hex_encoded_iv, hex_encoded_data);
+ if (ret)
+ goto out_free_epayload;
+
rcu_assign_pointer(key->payload.data, epayload);
+out_free_epayload:
+ if (ret)
+ kfree(epayload);
out:
kfree(datablob);
return ret > 0 ? -EINVAL : ret;
diff --git a/security/keys/trusted_defined.c b/security/keys/trusted_defined.c
index aedad16..ab7c7f9 100644
--- a/security/keys/trusted_defined.c
+++ b/security/keys/trusted_defined.c
@@ -848,6 +848,10 @@ static int trusted_instantiate(struct key *key, const void *data,
out:
if (!ret)
rcu_assign_pointer(key->payload.data, p);
+ else {
+ if (p)
+ kfree(p);
+ }
kfree(datablob);
return ret;
}
--
1.7.2.3
Thanks for catching this! This patch applies cleanly to the
trusted/encrypted patch set posted today.
thanks,
Acked-by: Mimi Zohar <[email protected]>
On Thu, 2010-10-07 at 14:30 +0200, Roberto Sassu wrote:
> This patch frees the payload at the end of the instantiate
> method of both trusted and encrypted key types if an error occurs.
>
> Signed-off-by: Roberto Sassu <[email protected]>
> ---
> security/keys/encrypted_defined.c | 6 ++++++
> security/keys/trusted_defined.c | 4 ++++
> 2 files changed, 10 insertions(+), 0 deletions(-)
>
> diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
> index 54c0f0f..8426e66 100644
> --- a/security/keys/encrypted_defined.c
> +++ b/security/keys/encrypted_defined.c
> @@ -624,7 +624,13 @@ static int encrypted_instantiate(struct key *key, const void *data,
> }
> ret = encrypted_init(epayload, master_desc, decrypted_datalen,
> hex_encoded_iv, hex_encoded_data);
> + if (ret)
> + goto out_free_epayload;
> +
> rcu_assign_pointer(key->payload.data, epayload);
> +out_free_epayload:
> + if (ret)
> + kfree(epayload);
> out:
> kfree(datablob);
> return ret > 0 ? -EINVAL : ret;
> diff --git a/security/keys/trusted_defined.c b/security/keys/trusted_defined.c
> index aedad16..ab7c7f9 100644
> --- a/security/keys/trusted_defined.c
> +++ b/security/keys/trusted_defined.c
> @@ -848,6 +848,10 @@ static int trusted_instantiate(struct key *key, const void *data,
> out:
> if (!ret)
> rcu_assign_pointer(key->payload.data, p);
> + else {
> + if (p)
> + kfree(p);
> + }
> kfree(datablob);
> return ret;
> }
On Thu, 7 Oct 2010, Mimi Zohar wrote:
> Thanks for catching this! This patch applies cleanly to the
> trusted/encrypted patch set posted today.
>
> thanks,
>
> Acked-by: Mimi Zohar <[email protected]>
It's probably best if you incorporate these fixes into your patches, so we
don't commit known-broken code into the tree.
--
James Morris
<[email protected]>