| Message ID | 20210110080253.32345-1-dinghao.liu@zju.edu.cn (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v2] evm: Fix memleak in init_desc | expand |
Hi Dinghao, On Sun, 2021-01-10 at 11:50 +0100, Markus Elfring wrote: > > When kmalloc() fails, tmp_tfm allocated by > > crypto_alloc_shash() has not been freed, which > > leads to memleak. In the future, please conform to Documentation/process/submitting- patches.rst: - The body of the explanation, line wrapped at 75 columns, which will be copied to the permanent changelog to describe this patch. > > Do any Linux developers care for the following aspects? > > * Imperative wordings for change descriptions > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=2ff90100ace886895e4fbb2850b8d5e49d931ed6#n89 > > * Usage of the term “memory leak” (instead of an abbreviation) In general I agree, but this is a really small, obvious bug fix. Assuming Dinghao is fine with my updating the patch description, I'll fix it. Mimi
Hi Dinghao, On Sun, 2021-01-10 at 16:02 +0800, Dinghao Liu wrote: > When kmalloc() fails, tmp_tfm allocated by > crypto_alloc_shash() has not been freed, which > leads to memleak. > > Fixes: d46eb3699502b ("evm: crypto hash replaced by shash") > Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn> This patch is now queued, with an updated patch description, in next- integrity-testing. thanks, Mimi
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 168c3b78ac47..a6dd47eb086d 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -73,7 +73,7 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) { long rc; const char *algo; - struct crypto_shash **tfm, *tmp_tfm; + struct crypto_shash **tfm, *tmp_tfm = NULL; struct shash_desc *desc; if (type == EVM_XATTR_HMAC) { @@ -118,13 +118,16 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) alloc: desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), GFP_KERNEL); - if (!desc) + if (!desc) { + crypto_free_shash(tmp_tfm); return ERR_PTR(-ENOMEM); + } desc->tfm = *tfm; rc = crypto_shash_init(desc); if (rc) { + crypto_free_shash(tmp_tfm); kfree(desc); return ERR_PTR(rc); }
When kmalloc() fails, tmp_tfm allocated by crypto_alloc_shash() has not been freed, which leads to memleak. Fixes: d46eb3699502b ("evm: crypto hash replaced by shash") Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn> --- Changelog: v2: - Remove checks against tmp_tfm before freeing. --- security/integrity/evm/evm_crypto.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)