From: kernel test robot <lkp@intel.com>
To: Lukas Wunner <lukas@wunner.de>
Cc: oe-kbuild-all@lists.linux.dev,
Linux Memory Management List <linux-mm@kvack.org>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [linux-next:master 4693/7876] crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure
Date: Wed, 24 Apr 2024 09:17:59 +0800 [thread overview]
Message-ID: <202404240904.Qi3nM37B-lkp@intel.com> (raw)
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: a59668a9397e7245b26e9be85d23f242ff757ae8
commit: 5c6ca9d936654a135b459c846885e08966e5e5bf [4693/7876] X.509: Introduce scope-based x509_certificate allocation
config: sparc-randconfig-r061-20240423 (https://download.01.org/0day-ci/archive/20240424/202404240904.Qi3nM37B-lkp@intel.com/config)
compiler: sparc64-linux-gcc (GCC) 13.2.0
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202404240904.Qi3nM37B-lkp@intel.com/
cocci warnings: (new ones prefixed by >>)
>> crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure
vim +69 crypto/asymmetric_keys/x509_cert_parser.c
57
58 /*
59 * Parse an X.509 certificate
60 */
61 struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
62 {
63 struct x509_certificate *cert __free(x509_free_certificate);
64 struct x509_parse_context *ctx __free(kfree) = NULL;
65 struct asymmetric_key_id *kid;
66 long ret;
67
> 68 cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL);
> 69 assume(!IS_ERR(cert)); /* Avoid gratuitous IS_ERR() check on return */
70 if (!cert)
71 return ERR_PTR(-ENOMEM);
72 cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL);
73 if (!cert->pub)
74 return ERR_PTR(-ENOMEM);
75 cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL);
76 if (!cert->sig)
77 return ERR_PTR(-ENOMEM);
78 ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL);
79 if (!ctx)
80 return ERR_PTR(-ENOMEM);
81
82 ctx->cert = cert;
83 ctx->data = (unsigned long)data;
84
85 /* Attempt to decode the certificate */
86 ret = asn1_ber_decoder(&x509_decoder, ctx, data, datalen);
87 if (ret < 0)
88 return ERR_PTR(ret);
89
90 /* Decode the AuthorityKeyIdentifier */
91 if (ctx->raw_akid) {
92 pr_devel("AKID: %u %*phN\n",
93 ctx->raw_akid_size, ctx->raw_akid_size, ctx->raw_akid);
94 ret = asn1_ber_decoder(&x509_akid_decoder, ctx,
95 ctx->raw_akid, ctx->raw_akid_size);
96 if (ret < 0) {
97 pr_warn("Couldn't decode AuthKeyIdentifier\n");
98 return ERR_PTR(ret);
99 }
100 }
101
102 cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL);
103 if (!cert->pub->key)
104 return ERR_PTR(-ENOMEM);
105
106 cert->pub->keylen = ctx->key_size;
107
108 cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL);
109 if (!cert->pub->params)
110 return ERR_PTR(-ENOMEM);
111
112 cert->pub->paramlen = ctx->params_size;
113 cert->pub->algo = ctx->key_algo;
114
115 /* Grab the signature bits */
116 ret = x509_get_sig_params(cert);
117 if (ret < 0)
118 return ERR_PTR(ret);
119
120 /* Generate cert issuer + serial number key ID */
121 kid = asymmetric_key_generate_id(cert->raw_serial,
122 cert->raw_serial_size,
123 cert->raw_issuer,
124 cert->raw_issuer_size);
125 if (IS_ERR(kid))
126 return ERR_CAST(kid);
127 cert->id = kid;
128
129 /* Detect self-signed certificates */
130 ret = x509_check_for_self_signed(cert);
131 if (ret < 0)
132 return ERR_PTR(ret);
133
134 return_ptr(cert);
135 }
136 EXPORT_SYMBOL_GPL(x509_cert_parse);
137
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
reply other threads:[~2024-04-24 1:18 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202404240904.Qi3nM37B-lkp@intel.com \
--to=lkp@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-mm@kvack.org \
--cc=lukas@wunner.de \
--cc=oe-kbuild-all@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.