summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2019-05-22 12:42:29 -0700
committerHerbert Xu <herbert@gondor.apana.org.au>2019-05-30 15:25:57 +0800
commit7829a0c1cb9c80debfb4fdb49b4d90019f2ea1ac (patch)
treef15fd92cbf013eb8e31c422457593b674e46aae1
parent9c5b34c2f7eb01976a5aa29ccdb786a634e3d1e0 (diff)
downloadlinux-stable-7829a0c1cb9c80debfb4fdb49b4d90019f2ea1ac.tar.gz
linux-stable-7829a0c1cb9c80debfb4fdb49b4d90019f2ea1ac.tar.bz2
linux-stable-7829a0c1cb9c80debfb4fdb49b4d90019f2ea1ac.zip
crypto: hmac - fix memory leak in hmac_init_tfm()
When I added the sanity check of 'descsize', I missed that the child hash tfm needs to be freed if the sanity check fails. Of course this should never happen, hence the use of WARN_ON(), but it should be fixed. Fixes: e1354400b25d ("crypto: hash - fix incorrect HASH_MAX_DESCSIZE") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/hmac.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 241b1868c1d0..ac8c611ee33e 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -157,8 +157,10 @@ static int hmac_init_tfm(struct crypto_tfm *tfm)
parent->descsize = sizeof(struct shash_desc) +
crypto_shash_descsize(hash);
- if (WARN_ON(parent->descsize > HASH_MAX_DESCSIZE))
+ if (WARN_ON(parent->descsize > HASH_MAX_DESCSIZE)) {
+ crypto_free_shash(hash);
return -EINVAL;
+ }
ctx->hash = hash;
return 0;