diff options
| author | Ard Biesheuvel <ardb@kernel.org> | 2021-03-02 21:33:03 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2021-05-11 14:04:05 +0200 |
| commit | 69f1a9702d3f7d96f50cd05c733c3c43a5b19741 (patch) | |
| tree | 45a21e6a1458e66b467f19a7aecda20d216c09d2 /crypto | |
| parent | 8ac79bdcc0c44f4ea05fc64a573bfc3db95e3d19 (diff) | |
| download | linux-stable-69f1a9702d3f7d96f50cd05c733c3c43a5b19741.tar.gz linux-stable-69f1a9702d3f7d96f50cd05c733c3c43a5b19741.tar.bz2 linux-stable-69f1a9702d3f7d96f50cd05c733c3c43a5b19741.zip | |
crypto: api - check for ERR pointers in crypto_destroy_tfm()
[ Upstream commit 83681f2bebb34dbb3f03fecd8f570308ab8b7c2c ]
Given that crypto_alloc_tfm() may return ERR pointers, and to avoid
crashes on obscure error paths where such pointers are presented to
crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there
before dereferencing the second argument as a struct crypto_tfm
pointer.
[0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/
Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/api.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/api.c b/crypto/api.c index eda0c56b8615..c71d1485541c 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -568,7 +568,7 @@ void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm) { struct crypto_alg *alg; - if (unlikely(!mem)) + if (IS_ERR_OR_NULL(mem)) return; alg = tfm->__crt_alg; |