All of lore.kernel.org
 help / color / mirror / Atom feed
From: kernel test robot <lkp@intel.com>
To: Lukas Wunner <lukas@wunner.de>
Cc: oe-kbuild-all@lists.linux.dev,
	Linux Memory Management List <linux-mm@kvack.org>,
	Herbert Xu <herbert@gondor.apana.org.au>
Subject: [linux-next:master 4693/7876] crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure
Date: Wed, 24 Apr 2024 09:17:59 +0800	[thread overview]
Message-ID: <202404240904.Qi3nM37B-lkp@intel.com> (raw)

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head:   a59668a9397e7245b26e9be85d23f242ff757ae8
commit: 5c6ca9d936654a135b459c846885e08966e5e5bf [4693/7876] X.509: Introduce scope-based x509_certificate allocation
config: sparc-randconfig-r061-20240423 (https://download.01.org/0day-ci/archive/20240424/202404240904.Qi3nM37B-lkp@intel.com/config)
compiler: sparc64-linux-gcc (GCC) 13.2.0

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202404240904.Qi3nM37B-lkp@intel.com/

cocci warnings: (new ones prefixed by >>)
>> crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure

vim +69 crypto/asymmetric_keys/x509_cert_parser.c

    57	
    58	/*
    59	 * Parse an X.509 certificate
    60	 */
    61	struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
    62	{
    63		struct x509_certificate *cert __free(x509_free_certificate);
    64		struct x509_parse_context *ctx __free(kfree) = NULL;
    65		struct asymmetric_key_id *kid;
    66		long ret;
    67	
  > 68		cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL);
  > 69		assume(!IS_ERR(cert)); /* Avoid gratuitous IS_ERR() check on return */
    70		if (!cert)
    71			return ERR_PTR(-ENOMEM);
    72		cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL);
    73		if (!cert->pub)
    74			return ERR_PTR(-ENOMEM);
    75		cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL);
    76		if (!cert->sig)
    77			return ERR_PTR(-ENOMEM);
    78		ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL);
    79		if (!ctx)
    80			return ERR_PTR(-ENOMEM);
    81	
    82		ctx->cert = cert;
    83		ctx->data = (unsigned long)data;
    84	
    85		/* Attempt to decode the certificate */
    86		ret = asn1_ber_decoder(&x509_decoder, ctx, data, datalen);
    87		if (ret < 0)
    88			return ERR_PTR(ret);
    89	
    90		/* Decode the AuthorityKeyIdentifier */
    91		if (ctx->raw_akid) {
    92			pr_devel("AKID: %u %*phN\n",
    93				 ctx->raw_akid_size, ctx->raw_akid_size, ctx->raw_akid);
    94			ret = asn1_ber_decoder(&x509_akid_decoder, ctx,
    95					       ctx->raw_akid, ctx->raw_akid_size);
    96			if (ret < 0) {
    97				pr_warn("Couldn't decode AuthKeyIdentifier\n");
    98				return ERR_PTR(ret);
    99			}
   100		}
   101	
   102		cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL);
   103		if (!cert->pub->key)
   104			return ERR_PTR(-ENOMEM);
   105	
   106		cert->pub->keylen = ctx->key_size;
   107	
   108		cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL);
   109		if (!cert->pub->params)
   110			return ERR_PTR(-ENOMEM);
   111	
   112		cert->pub->paramlen = ctx->params_size;
   113		cert->pub->algo = ctx->key_algo;
   114	
   115		/* Grab the signature bits */
   116		ret = x509_get_sig_params(cert);
   117		if (ret < 0)
   118			return ERR_PTR(ret);
   119	
   120		/* Generate cert issuer + serial number key ID */
   121		kid = asymmetric_key_generate_id(cert->raw_serial,
   122						 cert->raw_serial_size,
   123						 cert->raw_issuer,
   124						 cert->raw_issuer_size);
   125		if (IS_ERR(kid))
   126			return ERR_CAST(kid);
   127		cert->id = kid;
   128	
   129		/* Detect self-signed certificates */
   130		ret = x509_check_for_self_signed(cert);
   131		if (ret < 0)
   132			return ERR_PTR(ret);
   133	
   134		return_ptr(cert);
   135	}
   136	EXPORT_SYMBOL_GPL(x509_cert_parse);
   137	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

                 reply	other threads:[~2024-04-24  1:18 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202404240904.Qi3nM37B-lkp@intel.com \
    --to=lkp@intel.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-mm@kvack.org \
    --cc=lukas@wunner.de \
    --cc=oe-kbuild-all@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.