net/tipc: Check null mem pointer

Message ID	20211224074646.1588903-1-jiasheng@iscas.ac.cn (mailing list archive)
State	Not Applicable
Delegated to:	Netdev Maintainers
Headers	show Return-Path: <netdev-owner@kernel.org> From: Jiasheng Jiang <jiasheng@iscas.ac.cn> To: jmaloy@redhat.com, ying.xue@windriver.com, davem@davemloft.net, kuba@kernel.org Cc: netdev@vger.kernel.org, tipc-discussion@lists.sourceforge.net, linux-kernel@vger.kernel.org, Jiasheng Jiang <jiasheng@iscas.ac.cn> Subject: [PATCH] net/tipc: Check null mem pointer Date: Fri, 24 Dec 2021 15:46:46 +0800 Message-Id: <20211224074646.1588903-1-jiasheng@iscas.ac.cn> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	net/tipc: Check null mem pointer \| expand net/tipc: Check null mem pointer

Message ID

20211224074646.1588903-1-jiasheng@iscas.ac.cn (mailing list archive)

State

Not Applicable

Delegated to:

Netdev Maintainers

Headers

From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
To: jmaloy@redhat.com, ying.xue@windriver.com, davem@davemloft.net,
        kuba@kernel.org
Cc: netdev@vger.kernel.org, tipc-discussion@lists.sourceforge.net,
        linux-kernel@vger.kernel.org, Jiasheng Jiang <jiasheng@iscas.ac.cn>
Subject: [PATCH] net/tipc: Check null mem pointer
Date: Fri, 24 Dec 2021 15:46:46 +0800
Message-Id: <20211224074646.1588903-1-jiasheng@iscas.ac.cn>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

net/tipc: Check null mem pointer | expand

Context	Check	Description
netdev/tree_selection	success	Guessing tree name failed - patch did not apply

Context

Check

Description

netdev/tree_selection

success

Guessing tree name failed - patch did not apply

Commit Message

Jiasheng Jiang Dec. 24, 2021, 7:46 a.m. UTC

For the possible alloc failure of the kmemdup(), it may return null
pointer.
Therefore, the returned pointer should be checked to guarantee the
success of the init.

Fixes: fc1b6d6de220 ("tipc: introduce TIPC encryption & authentication")
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
---
 net/tipc/crypto.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Jakub Kicinski Dec. 24, 2021, 10:34 p.m. UTC | #1

On Fri, 24 Dec 2021 15:46:46 +0800 Jiasheng Jiang wrote:
> For the possible alloc failure of the kmemdup(), it may return null
> pointer.
> Therefore, the returned pointer should be checked to guarantee the
> success of the init.
> 
> Fixes: fc1b6d6de220 ("tipc: introduce TIPC encryption & authentication")
> Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> ---
>  net/tipc/crypto.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/net/tipc/crypto.c b/net/tipc/crypto.c
> index c9391d38de85..19015e08e750 100644
> --- a/net/tipc/crypto.c
> +++ b/net/tipc/crypto.c
> @@ -596,7 +596,14 @@ static int tipc_aead_init(struct tipc_aead **aead, struct tipc_aead_key *ukey,
>  	tmp->mode = mode;
>  	tmp->cloned = NULL;
>  	tmp->authsize = TIPC_AES_GCM_TAG_SIZE;
> +
>  	tmp->key = kmemdup(ukey, tipc_aead_key_size(ukey), GFP_KERNEL);
> +	if (!tmp->key) {
> +		free_percpu(tmp->tfm_entry);
> +		kfree_sensitive(tmp);
> +		return -ENOMEM;
> +	}
> +
>  	memcpy(&tmp->salt, ukey->key + keylen, TIPC_AES_GCM_SALT_SIZE);
>  	atomic_set(&tmp->users, 0);
>  	atomic64_set(&tmp->seqno, 0);

Fixed over a month ago 3e6db079751a ("tipc: check for null after calling
kmemdup")

diff --git a/net/tipc/crypto.c b/net/tipc/crypto.c
index c9391d38de85..19015e08e750 100644
--- a/net/tipc/crypto.c
+++ b/net/tipc/crypto.c
@@ -596,7 +596,14 @@  static int tipc_aead_init(struct tipc_aead **aead, struct tipc_aead_key *ukey,
 	tmp->mode = mode;
 	tmp->cloned = NULL;
 	tmp->authsize = TIPC_AES_GCM_TAG_SIZE;
+
 	tmp->key = kmemdup(ukey, tipc_aead_key_size(ukey), GFP_KERNEL);
+	if (!tmp->key) {
+		free_percpu(tmp->tfm_entry);
+		kfree_sensitive(tmp);
+		return -ENOMEM;
+	}
+
 	memcpy(&tmp->salt, ukey->key + keylen, TIPC_AES_GCM_SALT_SIZE);
 	atomic_set(&tmp->users, 0);
 	atomic64_set(&tmp->seqno, 0);

net/tipc: Check null mem pointer

Checks

Commit Message

Comments

Patch