[ 161/171] libceph: fix crypto key null deref, memory leak
From: Greg Kroah-Hartman
Date: Thu Nov 22 2012 - 17:07:30 EST
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Sylvain Munaut <tnt@xxxxxxxxxx>
(cherry picked from commit f0666b1ac875ff32fe290219b150ec62eebbe10e)
Avoid crashing if the crypto key payload was NULL, as when it was not correctly
allocated and initialized. Also, avoid leaking it.
Signed-off-by: Sylvain Munaut <tnt@xxxxxxxxxx>
Signed-off-by: Sage Weil <sage@xxxxxxxxxxx>
Reviewed-by: Alex Elder <elder@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/ceph/crypto.c | 1 +
net/ceph/crypto.h | 3 ++-
2 files changed, 3 insertions(+), 1 deletion(-)
--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -466,6 +466,7 @@ void ceph_key_destroy(struct key *key) {
struct ceph_crypto_key *ckey = key->payload.data;
ceph_crypto_key_destroy(ckey);
+ kfree(ckey);
}
struct key_type key_type_ceph = {
--- a/net/ceph/crypto.h
+++ b/net/ceph/crypto.h
@@ -16,7 +16,8 @@ struct ceph_crypto_key {
static inline void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
{
- kfree(key->key);
+ if (key)
+ kfree(key->key);
}
extern int ceph_crypto_key_clone(struct ceph_crypto_key *dst,
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/