diff options
| author | Stephan Mueller <smueller@chronox.de> | 2018-07-07 20:41:47 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-07-22 14:28:48 +0200 |
| commit | c4bfed85bae8eba6cce22f9b9cce530720527411 (patch) | |
| tree | 81ad203bb86ba5ee7e26d91e73a70070e1396d5c | |
| parent | 16b3ae12337eb1695de0031fe4e030fb7fd6c2d9 (diff) | |
| download | linux-stable-c4bfed85bae8eba6cce22f9b9cce530720527411.tar.gz linux-stable-c4bfed85bae8eba6cce22f9b9cce530720527411.tar.bz2 linux-stable-c4bfed85bae8eba6cce22f9b9cce530720527411.zip | |
crypto: af_alg - Initialize sg_num_bytes in error code path
commit 2546da99212f22034aecf279da9c47cbfac6c981 upstream.
The RX SGL in processing is already registered with the RX SGL tracking
list to support proper cleanup. The cleanup code path uses the
sg_num_bytes variable which must therefore be always initialized, even
in the error code path.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Reported-by: syzbot+9c251bdd09f83b92ba95@syzkaller.appspotmail.com
#syz test: https://github.com/google/kmsan.git master
CC: <stable@vger.kernel.org> #4.14
Fixes: e870456d8e7c ("crypto: algif_skcipher - overhaul memory management")
Fixes: d887c52d6ae4 ("crypto: algif_aead - overhaul memory management")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | crypto/af_alg.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 815ee1075574..42dfdd1fd6d8 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -1183,8 +1183,10 @@ int af_alg_get_rsgl(struct sock *sk, struct msghdr *msg, int flags, /* make one iovec available as scatterlist */ err = af_alg_make_sg(&rsgl->sgl, &msg->msg_iter, seglen); - if (err < 0) + if (err < 0) { + rsgl->sg_num_bytes = 0; return err; + } /* chain the new scatterlist with previous one */ if (areq->last_rsgl) |