All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] crypto: api - check for ERR pointers in crypto_destroy_tfm()
@ 2021-02-28 12:28 Ard Biesheuvel
  2021-03-01 18:30 ` Eric Biggers
  0 siblings, 1 reply; 2+ messages in thread
From: Ard Biesheuvel @ 2021-02-28 12:28 UTC (permalink / raw)
  To: linux-crypto; +Cc: herbert, Ard Biesheuvel, syzbot+12cf5fbfdeba210a89dd

Given that crypto_alloc_tfm() may return ERR pointers, and to avoid
crashes on obscure error paths where such pointers are presented to
crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there
before dereferencing the second argument as a struct crypto_tfm
pointer.

[0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/

Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 crypto/api.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/api.c b/crypto/api.c
index ed08cbd5b9d3..c4eda56cff89 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -562,7 +562,7 @@ void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm)
 {
 	struct crypto_alg *alg;
 
-	if (unlikely(!mem))
+	if (IS_ERR_OR_NULL(mem))
 		return;
 
 	alg = tfm->__crt_alg;
-- 
2.30.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] crypto: api - check for ERR pointers in crypto_destroy_tfm()
  2021-02-28 12:28 [PATCH] crypto: api - check for ERR pointers in crypto_destroy_tfm() Ard Biesheuvel
@ 2021-03-01 18:30 ` Eric Biggers
  0 siblings, 0 replies; 2+ messages in thread
From: Eric Biggers @ 2021-03-01 18:30 UTC (permalink / raw)
  To: Ard Biesheuvel; +Cc: linux-crypto, herbert, syzbot+12cf5fbfdeba210a89dd

On Sun, Feb 28, 2021 at 01:28:24PM +0100, Ard Biesheuvel wrote:
> Given that crypto_alloc_tfm() may return ERR pointers, and to avoid
> crashes on obscure error paths where such pointers are presented to
> crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there
> before dereferencing the second argument as a struct crypto_tfm
> pointer.
> 
> [0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/
> 
> Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>  crypto/api.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/crypto/api.c b/crypto/api.c
> index ed08cbd5b9d3..c4eda56cff89 100644
> --- a/crypto/api.c
> +++ b/crypto/api.c
> @@ -562,7 +562,7 @@ void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm)
>  {
>  	struct crypto_alg *alg;
>  
> -	if (unlikely(!mem))
> +	if (IS_ERR_OR_NULL(mem))
>  		return;
>  
>  	alg = tfm->__crt_alg;

Could you update the comments for the functions which call crypto_destroy_tfm()
(crypto_free_aead(), crypto_free_skcipher(), etc.) to mention that they do
nothing when passed NULL or an ERR_PTR()?

- Eric

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-03-01 20:37 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-28 12:28 [PATCH] crypto: api - check for ERR pointers in crypto_destroy_tfm() Ard Biesheuvel
2021-03-01 18:30 ` Eric Biggers

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.