Re: [PATCH] macsec: Fix memory leaks in macsec_decrypt()

From: Florian Westphal
Date: Fri Nov 22 2019 - 17:27:01 EST


Navid Emamdoost <navid.emamdoost@xxxxxxxxx> wrote:
> In the implementation of macsec_decrypt(), there are two memory leaks
> when crypto_aead_decrypt() fails. Release allocated req and skb before
> return.
>
> Fixes: c3b7d0bd7ac2 ("macsec: fix rx_sa refcounting with decrypt callback")
> Signed-off-by: Navid Emamdoost <navid.emamdoost@xxxxxxxxx>
> ---
> drivers/net/macsec.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
> index afd8b2a08245..34c6fb4eb9ef 100644
> --- a/drivers/net/macsec.c
> +++ b/drivers/net/macsec.c
> @@ -986,6 +986,8 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
> dev_hold(dev);
> ret = crypto_aead_decrypt(req);
> if (ret == -EINPROGRESS) {
> + aead_request_free(req);
> + kfree_skb(skb);

-EINPROGRESS means decryption is handled asynchronously, no?

> return ERR_PTR(ret);
> } else if (ret != 0) {
> /* decryption/authentication failed

This is the error handling/failure path.