• Eric Biggers's avatar
    KEYS: fix key refcount leak in keyctl_read_key() · 7fc0786d
    Eric Biggers authored
    In keyctl_read_key(), if key_permission() were to return an error code
    other than EACCES, we would leak a the reference to the key.  This can't
    actually happen currently because key_permission() can only return an
    error code other than EACCES if security_key_permission() does, only
    SELinux and Smack implement that hook, and neither can return an error
    code other than EACCES.  But it should still be fixed, as it is a bug
    waiting to happen.
    
    Fixes: 29db9190 ("[PATCH] Keys: Add LSM hooks for key management [try #3]")
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
    7fc0786d
keyctl.c 42.7 KB