Commit 1cca41e2 authored by Herbert Xu's avatar Herbert Xu Committed by David S. Miller

[IPSEC]: Missing NULL algorithm checks in AH and IPCOMP init.

parent b069904a
...@@ -245,6 +245,9 @@ static int ah_init_state(struct xfrm_state *x, void *args) ...@@ -245,6 +245,9 @@ static int ah_init_state(struct xfrm_state *x, void *args)
struct ah_data *ahp = NULL; struct ah_data *ahp = NULL;
struct xfrm_algo_desc *aalg_desc; struct xfrm_algo_desc *aalg_desc;
if (!x->aalg)
goto error;
/* null auth can use a zero length key */ /* null auth can use a zero length key */
if (x->aalg->alg_key_len > 512) if (x->aalg->alg_key_len > 512)
goto error; goto error;
......
...@@ -344,10 +344,15 @@ static void ipcomp_destroy(struct xfrm_state *x) ...@@ -344,10 +344,15 @@ static void ipcomp_destroy(struct xfrm_state *x)
static int ipcomp_init_state(struct xfrm_state *x, void *args) static int ipcomp_init_state(struct xfrm_state *x, void *args)
{ {
int err = -ENOMEM; int err;
struct ipcomp_data *ipcd; struct ipcomp_data *ipcd;
struct xfrm_algo_desc *calg_desc; struct xfrm_algo_desc *calg_desc;
err = -EINVAL;
if (!x->calg)
goto out;
err = -ENOMEM;
ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL); ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd) if (!ipcd)
goto error; goto error;
......
...@@ -380,6 +380,9 @@ static int ah6_init_state(struct xfrm_state *x, void *args) ...@@ -380,6 +380,9 @@ static int ah6_init_state(struct xfrm_state *x, void *args)
struct ah_data *ahp = NULL; struct ah_data *ahp = NULL;
struct xfrm_algo_desc *aalg_desc; struct xfrm_algo_desc *aalg_desc;
if (!x->aalg)
goto error;
/* null auth can use a zero length key */ /* null auth can use a zero length key */
if (x->aalg->alg_key_len > 512) if (x->aalg->alg_key_len > 512)
goto error; goto error;
......
...@@ -276,10 +276,15 @@ static void ipcomp6_destroy(struct xfrm_state *x) ...@@ -276,10 +276,15 @@ static void ipcomp6_destroy(struct xfrm_state *x)
static int ipcomp6_init_state(struct xfrm_state *x, void *args) static int ipcomp6_init_state(struct xfrm_state *x, void *args)
{ {
int err = -ENOMEM; int err;
struct ipcomp_data *ipcd; struct ipcomp_data *ipcd;
struct xfrm_algo_desc *calg_desc; struct xfrm_algo_desc *calg_desc;
err = -EINVAL;
if (!x->calg)
goto out;
err = -ENOMEM;
ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL); ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd) if (!ipcd)
goto error; goto error;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment