| Message ID | 20210430185810.3331311-1-trix@redhat.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | KEYS: trusted: fix memory leak | expand |
On Fri, Apr 30, 2021 at 11:58:10 -0700, trix@redhat.com wrote: > From: Tom Rix <trix@redhat.com> > > Static analysis reports this problem > trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak > return ret; > ^~~ > > In tpm_seal() some failure handling returns directly, without > freeing memory. > > Fixes: 5df16caada3f ("KEYS: trusted: Fix incorrect handling of tpm_get_random()") > Signed-off-by: Tom Rix <trix@redhat.com> > --- > security/keys/trusted-keys/trusted_tpm1.c | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c > index 469394550801..aa108bea6739 100644 > --- a/security/keys/trusted-keys/trusted_tpm1.c > +++ b/security/keys/trusted-keys/trusted_tpm1.c > @@ -493,10 +493,12 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, > > ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); > if (ret < 0) > - return ret; > + goto out; > > - if (ret != TPM_NONCE_SIZE) > - return -EIO; > + if (ret != TPM_NONCE_SIZE) { > + ret = -EIO; > + goto out; > + } > > ordinal = htonl(TPM_ORD_SEAL); > datsize = htonl(datalen); I see this patch also submitted by Colin (Cc'd) in Message-Id: <20210430113724.110746-1-colin.king@canonical.com> To my eyes, the commit message seems a bit better over there. --Ben
On 4/30/21 12:50 PM, Ben Boeckel wrote: > On Fri, Apr 30, 2021 at 11:58:10 -0700, trix@redhat.com wrote: >> From: Tom Rix <trix@redhat.com> >> >> Static analysis reports this problem >> trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak >> return ret; >> ^~~ >> >> In tpm_seal() some failure handling returns directly, without >> freeing memory. >> >> Fixes: 5df16caada3f ("KEYS: trusted: Fix incorrect handling of tpm_get_random()") >> Signed-off-by: Tom Rix <trix@redhat.com> >> --- >> security/keys/trusted-keys/trusted_tpm1.c | 8 +++++--- >> 1 file changed, 5 insertions(+), 3 deletions(-) >> >> diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c >> index 469394550801..aa108bea6739 100644 >> --- a/security/keys/trusted-keys/trusted_tpm1.c >> +++ b/security/keys/trusted-keys/trusted_tpm1.c >> @@ -493,10 +493,12 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, >> >> ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); >> if (ret < 0) >> - return ret; >> + goto out; >> >> - if (ret != TPM_NONCE_SIZE) >> - return -EIO; >> + if (ret != TPM_NONCE_SIZE) { >> + ret = -EIO; >> + goto out; >> + } >> >> ordinal = htonl(TPM_ORD_SEAL); >> datsize = htonl(datalen); > I see this patch also submitted by Colin (Cc'd) in Message-Id: > > <20210430113724.110746-1-colin.king@canonical.com> Let's use Colin's. Tom > > To my eyes, the commit message seems a bit better over there. > > --Ben >
On Fri, Apr 30, 2021 at 11:58:10AM -0700, trix@redhat.com wrote: > From: Tom Rix <trix@redhat.com> > > Static analysis reports this problem > trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak > return ret; > ^~~ > > In tpm_seal() some failure handling returns directly, without > freeing memory. > > Fixes: 5df16caada3f ("KEYS: trusted: Fix incorrect handling of tpm_get_random()") > Signed-off-by: Tom Rix <trix@redhat.com> Hi, thanks appreciate this but unfortunately applied Colin's fix already :-/ /Jarkko
diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c index 469394550801..aa108bea6739 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -493,10 +493,12 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); if (ret < 0) - return ret; + goto out; - if (ret != TPM_NONCE_SIZE) - return -EIO; + if (ret != TPM_NONCE_SIZE) { + ret = -EIO; + goto out; + } ordinal = htonl(TPM_ORD_SEAL); datsize = htonl(datalen);