diff options
author | Christian Engelmayer <cengelma@gmx.at> | 2014-04-21 20:45:59 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2014-04-28 18:21:17 +0800 |
commit | e5f8ed38c207b37720a733b3d73f8f5a1c8f41ab (patch) | |
tree | 321eaccb49c7d43780aac3b6378cbc43029e83a0 /crypto | |
parent | 0a3e3ec5dbcbe46e240235b6187d2b742714c722 (diff) | |
download | linux-crypto-e5f8ed38c207b37720a733b3d73f8f5a1c8f41ab.tar.gz linux-crypto-e5f8ed38c207b37720a733b3d73f8f5a1c8f41ab.zip |
crypto: tcrypt - Fix potential leak in test_aead_speed() if aad_size is too big
Fix a potential memory leak in the error handling of test_aead_speed(). In case
the size check on the associate data length parameter fails, the function goes
through the wrong exit label. Reported by Coverity - CID 1163870.
Signed-off-by: Christian Engelmayer <cengelma@gmx.at>
Acked-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to '')
-rw-r--r-- | crypto/tcrypt.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 870be7b4..1856d7ff 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -282,6 +282,11 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec, unsigned int *b_size; unsigned int iv_len; + if (aad_size >= PAGE_SIZE) { + pr_err("associate data length (%u) too big\n", aad_size); + return; + } + if (enc == ENCRYPT) e = "encryption"; else @@ -323,14 +328,7 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec, b_size = aead_sizes; do { assoc = axbuf[0]; - - if (aad_size < PAGE_SIZE) - memset(assoc, 0xff, aad_size); - else { - pr_err("associate data length (%u) too big\n", - aad_size); - goto out_nosg; - } + memset(assoc, 0xff, aad_size); sg_init_one(&asg[0], assoc, aad_size); if ((*keysize + *b_size) > TVMEMSIZE * PAGE_SIZE) { |