[IPSEC]: Fix processing of error from crypto module.

ESP needs to check for error returns from calls to crypto_cipher_setkey(). Signed-off-by: David S. Miller <davem@davemloft.net>

[IPSEC]: Fix processing of error from crypto module.
ESP needs to check for error returns from calls to crypto_cipher_setkey(). Signed-off-by: David S. Miller <davem@davemloft.net>
df50c088 · Kazunori Miyazawa · David S. Miller · 526160d9 · df50c088 · df50c088
Commit df50c088 authored Jan 26, 2005 by Kazunori Miyazawa Committed by David S. Miller Jan 26, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 11 deletions

net/ipv4/esp4.c net/ipv4/esp4.c +2 -1

net/ipv6/esp6.c net/ipv6/esp6.c +5 -10

No files found.
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -427,7 +427,8 @@ static int esp_init_state(struct xfrm_state *x, void *args)
 			goto error;
 		get_random_bytes(esp->conf.ivec, esp->conf.ivlen);
 	}
-	crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len);
+	if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len))
+		goto error;
 	x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen;
 	if (x->props.mode)
 		x->props.header_len += sizeof(struct iphdr);

--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -364,7 +364,8 @@ static int esp6_init_state(struct xfrm_state *x, void *args)
 			goto error;
 		get_random_bytes(esp->conf.ivec, esp->conf.ivlen);
 	}
-	crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len);
+	if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len))
+		goto error;
 	x->props.header_len = sizeof(struct ipv6_esp_hdr) + esp->conf.ivlen;
 	if (x->props.mode)
 		x->props.header_len += sizeof(struct ipv6hdr);
@@ -372,15 +373,9 @@ static int esp6_init_state(struct xfrm_state *x, void *args)
 	return 0;
 error:
-	if (esp) {
+	x->data = esp;
-		if (esp->auth.tfm)
+	esp6_destroy(x);
-			crypto_free_tfm(esp->auth.tfm);
+	x->data = NULL;
-		if (esp->auth.work_icv)
-			kfree(esp->auth.work_icv);
-		if (esp->conf.tfm)
-			crypto_free_tfm(esp->conf.tfm);
-		kfree(esp);
-	}
 	return -EINVAL;
 }