Re: [PATCH] Trusted and Encrypted Keys: fix up TSS_rawhmac() so wealways kfree() and remember to call va_end()
From: Tetsuo Handa
Date: Fri Jan 14 2011 - 08:45:30 EST
David Safford wrote:
> On Thu, 2011-01-13 at 21:07 +0100, Jesper Juhl wrote:
> > In security/keys/trusted_defined.c::TSS_rawhmac() we may leak the storage
> > allocated to 'sdesc' if
> > data = va_arg(argp, unsigned char *);
> > results in a NULL 'data' and we then leave the function by returning
> > -EINVAL. We also neglect calling va_end(argp) in that case and furthermore
> > we neglect va_end(argp) if
> > ret = crypto_shash_update(&sdesc->shash, data, dlen);
> > results in ret being negative and we then jump to the 'out' label.
> >
> > I believe this patch takes care of these issues. Please review and
> > consider for inclusion.
> >
> > Signed-off-by: Jesper Juhl <jj@xxxxxxxxxxxxx>
>
> thanks for catching this.
>
> Acked-by: David Safford <safford@xxxxxxxxxxxxxx>
Please wait. That patch is incorrect. I'm making patch now.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/