summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2014-09-22 00:02:01 +0100
committerDavid Howells <dhowells@redhat.com>2014-09-22 00:02:01 +0100
commitd1ac5540455c3a2a11e943e19e2dc044cebe147d (patch)
tree6599811a28a31242fb258afa74361ff425bb07d6 /crypto
parentd3e4f41973753a7768a5728be53c7d9a3fdf86cb (diff)
downloadlinux-d1ac5540455c3a2a11e943e19e2dc044cebe147d.tar.gz
linux-d1ac5540455c3a2a11e943e19e2dc044cebe147d.tar.bz2
linux-d1ac5540455c3a2a11e943e19e2dc044cebe147d.zip
KEYS: Check hex2bin()'s return when generating an asymmetric key ID
As it stands, the code to generate an asymmetric key ID prechecks the hex string it is given whilst determining the length, before it allocates the buffer for hex2bin() to translate into - which mean that checking the result of hex2bin() is redundant. Unfortunately, hex2bin() is marked as __must_check, which means that the following warning may be generated if the return value isn't checked: crypto/asymmetric_keys/asymmetric_type.c: In function asymmetric_key_hex_to_key_id: crypto/asymmetric_keys/asymmetric_type.c:110: warning: ignoring return value of hex2bin, declared with attribute warn_unused_result The warning can't be avoided by casting the result to void. Instead, use strlen() to check the length of the string and ignore the fact that the string might not be entirely valid hex until after the allocation has been done - in which case we can use the result of hex2bin() for this. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asymmetric_keys/asymmetric_type.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c
index 718e779a010e..f0f2111d2c66 100644
--- a/crypto/asymmetric_keys/asymmetric_type.c
+++ b/crypto/asymmetric_keys/asymmetric_type.c
@@ -90,15 +90,12 @@ EXPORT_SYMBOL_GPL(asymmetric_match_key_ids);
struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id)
{
struct asymmetric_key_id *match_id;
- const char *p;
- ptrdiff_t hexlen;
+ size_t hexlen;
+ int ret;
if (!*id)
return ERR_PTR(-EINVAL);
- for (p = id; *p; p++)
- if (!isxdigit(*p))
- return ERR_PTR(-EINVAL);
- hexlen = p - id;
+ hexlen = strlen(id);
if (hexlen & 1)
return ERR_PTR(-EINVAL);
@@ -107,7 +104,11 @@ struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id)
if (!match_id)
return ERR_PTR(-ENOMEM);
match_id->len = hexlen / 2;
- (void)hex2bin(match_id->data, id, hexlen / 2);
+ ret = hex2bin(match_id->data, id, hexlen / 2);
+ if (ret < 0) {
+ kfree(match_id);
+ return ERR_PTR(-EINVAL);
+ }
return match_id;
}