[BIONIC][CVE-2019-18808][PATCH 2/2] crypto: ccp - Release all allocated memory if sha type is invalid
William Breathitt Gray
william.gray at canonical.com
Thu Aug 13 12:33:48 UTC 2020
From: Navid Emamdoost <navid.emamdoost at gmail.com>
Release all allocated memory if sha type is invalid:
In ccp_run_sha_cmd, if the type of sha is invalid, the allocated
hmac_buf should be released.
v2: fix the goto.
Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
Acked-by: Gary R Hook <gary.hook at amd.com>
Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
CVE-2019-18808
(cherry picked from 128c66429247add5128c03dc1e144ca56f05a4e2)
Signed-off-by: William Breathitt Gray <william.gray at canonical.com>
---
drivers/crypto/ccp/ccp-ops.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 330853a2702f..43b74cf0787e 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1783,8 +1783,9 @@ ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd)
LSB_ITEM_SIZE);
break;
default:
+ kfree(hmac_buf);
ret = -EINVAL;
- goto e_ctx;
+ goto e_data;
}
memset(&hmac_cmd, 0, sizeof(hmac_cmd));
--
2.25.1
More information about the kernel-team
mailing list