summaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorChristian Engelmayer <cengelma@gmx.at>2014-04-21 20:45:59 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2014-04-28 18:21:17 +0800
commitac5f863f8c548ab72511213b30368cfc8007ae01 (patch)
tree5bae766d43ab3847ad573c7a0c15d1e395c2b9a7 /crypto
parent3d67be2761dc4b5b792037f296f3394a29581efc (diff)
downloadlinux-rpi-ac5f863f8c548ab72511213b30368cfc8007ae01.tar.gz
linux-rpi-ac5f863f8c548ab72511213b30368cfc8007ae01.tar.bz2
linux-rpi-ac5f863f8c548ab72511213b30368cfc8007ae01.zip
crypto: tcrypt - Fix potential leak in test_aead_speed() if aad_size is too big
Fix a potential memory leak in the error handling of test_aead_speed(). In case the size check on the associate data length parameter fails, the function goes through the wrong exit label. Reported by Coverity - CID 1163870. Signed-off-by: Christian Engelmayer <cengelma@gmx.at> Acked-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/tcrypt.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 870be7b4dc05..1856d7ff2688 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -282,6 +282,11 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
unsigned int *b_size;
unsigned int iv_len;
+ if (aad_size >= PAGE_SIZE) {
+ pr_err("associate data length (%u) too big\n", aad_size);
+ return;
+ }
+
if (enc == ENCRYPT)
e = "encryption";
else
@@ -323,14 +328,7 @@ static void test_aead_speed(const char *algo, int enc, unsigned int sec,
b_size = aead_sizes;
do {
assoc = axbuf[0];
-
- if (aad_size < PAGE_SIZE)
- memset(assoc, 0xff, aad_size);
- else {
- pr_err("associate data length (%u) too big\n",
- aad_size);
- goto out_nosg;
- }
+ memset(assoc, 0xff, aad_size);
sg_init_one(&asg[0], assoc, aad_size);
if ((*keysize + *b_size) > TVMEMSIZE * PAGE_SIZE) {