ACK: [BIONIC][CVE-2019-18808][PATCH 2/2] crypto: ccp - Release all allocated memory if sha type is invalid
Kleber Souza
kleber.souza at canonical.com
Thu Aug 20 08:03:27 UTC 2020
On 13.08.20 14:33, William Breathitt Gray wrote:
> From: Navid Emamdoost <navid.emamdoost at gmail.com>
>
> Release all allocated memory if sha type is invalid:
> In ccp_run_sha_cmd, if the type of sha is invalid, the allocated
> hmac_buf should be released.
>
> v2: fix the goto.
>
> Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
> Acked-by: Gary R Hook <gary.hook at amd.com>
> Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
>
> CVE-2019-18808
>
> (cherry picked from 128c66429247add5128c03dc1e144ca56f05a4e2)
> Signed-off-by: William Breathitt Gray <william.gray at canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
> ---
> drivers/crypto/ccp/ccp-ops.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
> index 330853a2702f..43b74cf0787e 100644
> --- a/drivers/crypto/ccp/ccp-ops.c
> +++ b/drivers/crypto/ccp/ccp-ops.c
> @@ -1783,8 +1783,9 @@ ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
> LSB_ITEM_SIZE);
> break;
> default:
> + kfree(hmac_buf);
> ret = -EINVAL;
> - goto e_ctx;
> + goto e_data;
> }
>
> memset(&hmac_cmd, 0, sizeof(hmac_cmd));
>
More information about the kernel-team
mailing list