Commit 35576eab authored by Tetsuo Handa's avatar Tetsuo Handa Committed by James Morris

trusted-keys: another free memory bugfix

TSS_rawhmac() forgot to call va_end()/kfree() when data == NULL and
forgot to call va_end() when crypto_shash_update() < 0.
Fix these bugs by escaping from the loop using "break"
(rather than "return"/"goto") in order to make sure that
va_end()/kfree() are always called.
Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: default avatarJesper Juhl <jj@chaosbits.net>
Acked-by: default avatarMimi Zohar <zohar@us.ibm.com>
Acked-by: default avatarDavid Howells <dhowells@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 40c10017
...@@ -101,11 +101,13 @@ static int TSS_rawhmac(unsigned char *digest, const unsigned char *key, ...@@ -101,11 +101,13 @@ static int TSS_rawhmac(unsigned char *digest, const unsigned char *key,
if (dlen == 0) if (dlen == 0)
break; break;
data = va_arg(argp, unsigned char *); data = va_arg(argp, unsigned char *);
if (data == NULL) if (data == NULL) {
return -EINVAL; ret = -EINVAL;
break;
}
ret = crypto_shash_update(&sdesc->shash, data, dlen); ret = crypto_shash_update(&sdesc->shash, data, dlen);
if (ret < 0) if (ret < 0)
goto out; break;
} }
va_end(argp); va_end(argp);
if (!ret) if (!ret)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment