tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
nvme-auth: uninitialized variable in nvme_auth_transform_key()
A couple of the early error gotos call kfree_sensitive(transformed_key);
before "transformed_key" has been initialized.
Fixes: db1312dd9548 ("nvmet: implement basic In-Band Authentication")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
authored by
Dan Carpenter
and committed by
Jens Axboe
80e27684
4daf7fa0
+16
-9
+16
-9
drivers/nvme/common/auth.c
+16
-9
drivers/nvme/common/auth.c
···
272
272
shash->tfm = key_tfm;
273
273
ret = crypto_shash_setkey(key_tfm, key->key, key->len);
274
274
if (ret < 0)
275
-
goto out_free_shash;
275
+
goto out_free_transformed_key;
276
276
ret = crypto_shash_init(shash);
277
277
if (ret < 0)
278
-
goto out_free_shash;
278
+
goto out_free_transformed_key;
279
279
ret = crypto_shash_update(shash, nqn, strlen(nqn));
280
280
if (ret < 0)
281
-
goto out_free_shash;
281
+
goto out_free_transformed_key;
282
282
ret = crypto_shash_update(shash, "NVMe-over-Fabrics", 17);
283
283
if (ret < 0)
284
-
goto out_free_shash;
284
+
goto out_free_transformed_key;
285
285
ret = crypto_shash_final(shash, transformed_key);
286
+
if (ret < 0)
287
+
goto out_free_transformed_key;
288
+
289
+
kfree(shash);
290
+
crypto_free_shash(key_tfm);
291
+
292
+
return transformed_key;
293
+
294
+
out_free_transformed_key:
295
+
kfree_sensitive(transformed_key);
286
296
out_free_shash:
287
297
kfree(shash);
288
298
out_free_key:
289
299
crypto_free_shash(key_tfm);
290
-
if (ret < 0) {
291
-
kfree_sensitive(transformed_key);
292
-
return ERR_PTR(ret);
293
-
}
294
-
return transformed_key;
300
+
301
+
return ERR_PTR(ret);
295
302
}
296
303
EXPORT_SYMBOL_GPL(nvme_auth_transform_key);
297
304