* [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails
@ 2017-11-27 7:18 ` Eric Biggers
0 siblings, 0 replies; 4+ messages in thread
From: Eric Biggers @ 2017-11-27 7:18 UTC (permalink / raw)
To: keyrings, David Howells; +Cc: linux-crypto, Eric Biggers
From: Eric Biggers <ebiggers@google.com>
If pkcs7_check_authattrs() returns an error code, we should pass that
error code on, rather than using ENOMEM.
Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index c1ca1e86f5c4..a6dcaa659aa8 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -148,8 +148,10 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
}
ret = pkcs7_check_authattrs(ctx->msg);
- if (ret < 0)
+ if (ret < 0) {
+ msg = ERR_PTR(ret);
goto out;
+ }
msg = ctx->msg;
ctx->msg = NULL;
--
2.15.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails
@ 2017-11-27 7:18 ` Eric Biggers
0 siblings, 0 replies; 4+ messages in thread
From: Eric Biggers @ 2017-11-27 7:18 UTC (permalink / raw)
To: keyrings, David Howells; +Cc: linux-crypto, Eric Biggers
From: Eric Biggers <ebiggers@google.com>
If pkcs7_check_authattrs() returns an error code, we should pass that
error code on, rather than using ENOMEM.
Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index c1ca1e86f5c4..a6dcaa659aa8 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -148,8 +148,10 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
}
ret = pkcs7_check_authattrs(ctx->msg);
- if (ret < 0)
+ if (ret < 0) {
+ msg = ERR_PTR(ret);
goto out;
+ }
msg = ctx->msg;
ctx->msg = NULL;
--
2.15.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails
2017-11-27 7:18 ` Eric Biggers
@ 2017-11-27 9:54 ` James Morris
-1 siblings, 0 replies; 4+ messages in thread
From: James Morris @ 2017-11-27 9:54 UTC (permalink / raw)
To: Eric Biggers; +Cc: keyrings, David Howells, linux-crypto, Eric Biggers
On Sun, 26 Nov 2017, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> If pkcs7_check_authattrs() returns an error code, we should pass that
> error code on, rather than using ENOMEM.
>
> Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
> crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
> index c1ca1e86f5c4..a6dcaa659aa8 100644
> --- a/crypto/asymmetric_keys/pkcs7_parser.c
> +++ b/crypto/asymmetric_keys/pkcs7_parser.c
> @@ -148,8 +148,10 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
> }
>
> ret = pkcs7_check_authattrs(ctx->msg);
> - if (ret < 0)
> + if (ret < 0) {
> + msg = ERR_PTR(ret);
> goto out;
> + }
>
> msg = ctx->msg;
> ctx->msg = NULL;
Reviewed-by: James Morris <james.l.morris@oracle.com>
--
James Morris
<james.l.morris@oracle.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails
@ 2017-11-27 9:54 ` James Morris
0 siblings, 0 replies; 4+ messages in thread
From: James Morris @ 2017-11-27 9:54 UTC (permalink / raw)
To: Eric Biggers; +Cc: keyrings, David Howells, linux-crypto, Eric Biggers
On Sun, 26 Nov 2017, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> If pkcs7_check_authattrs() returns an error code, we should pass that
> error code on, rather than using ENOMEM.
>
> Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
> crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
> index c1ca1e86f5c4..a6dcaa659aa8 100644
> --- a/crypto/asymmetric_keys/pkcs7_parser.c
> +++ b/crypto/asymmetric_keys/pkcs7_parser.c
> @@ -148,8 +148,10 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
> }
>
> ret = pkcs7_check_authattrs(ctx->msg);
> - if (ret < 0)
> + if (ret < 0) {
> + msg = ERR_PTR(ret);
> goto out;
> + }
>
> msg = ctx->msg;
> ctx->msg = NULL;
Reviewed-by: James Morris <james.l.morris@oracle.com>
--
James Morris
<james.l.morris@oracle.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-11-27 9:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-27 7:18 [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails Eric Biggers
2017-11-27 7:18 ` Eric Biggers
2017-11-27 9:54 ` James Morris
2017-11-27 9:54 ` James Morris
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.