Linux-Next Archive on lore.kernel.org
 help / color / Atom feed
From: LABBE Corentin <clabbe@baylibre.com>
To: coverity-bot <keescook@chromium.org>
Cc: Neil Armstrong <narmstrong@baylibre.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
	linux-next@vger.kernel.org
Subject: Re: Coverity: meson_cipher(): Resource leaks
Date: Tue, 5 Nov 2019 20:08:37 +0100
Message-ID: <20191105190837.GB16603@Red> (raw)
In-Reply-To: <201911040937.0C30944DE6@keescook>

On Mon, Nov 04, 2019 at 09:37:58AM -0800, coverity-bot wrote:
> Hello!
> 
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20191031 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
> 
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by recent commits:
> 
> 48fe583fe541 ("crypto: amlogic - Add crypto accelerator for amlogic GXL")
> 
> Coverity reported the following:
> 
> *** CID 1487401:  Resource leaks  (RESOURCE_LEAK)
> /drivers/crypto/amlogic/amlogic-gxl-cipher.c: 134 in meson_cipher()
> 128     	keyivlen = op->keylen;
> 129
> 130     	ivsize = crypto_skcipher_ivsize(tfm);
> 131     	if (areq->iv && ivsize > 0) {
> 132     		if (ivsize > areq->cryptlen) {
> 133     			dev_err(mc->dev, "invalid ivsize=%d vs len=%d\n", ivsize, areq->cryptlen);
> vvv     CID 1487401:  Resource leaks  (RESOURCE_LEAK)
> vvv     Variable "bkeyiv" going out of scope leaks the storage it points to.
> 134     			return -EINVAL;
> 135     		}
> 136     		memcpy(bkeyiv + 32, areq->iv, ivsize);
> 137     		keyivlen = 48;
> 138     		if (rctx->op_dir == MESON_DECRYPT) {
> 139     			backup_iv = kzalloc(ivsize, GFP_KERNEL);
> 
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include these lines (but double-check the "Fixes" first):
> 
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1487401 ("Resource leaks")
> Fixes: 48fe583fe541 ("crypto: amlogic - Add crypto accelerator for amlogic GXL")
> 
> 
> Thanks for your attention!
> 

Thanks for the report, I will send the fix soon.

Regards

      reply index

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-04 17:37 coverity-bot
2019-11-05 19:08 ` LABBE Corentin [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191105190837.GB16603@Red \
    --to=clabbe@baylibre.com \
    --cc=gustavo@embeddedor.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=keescook@chromium.org \
    --cc=linux-next@vger.kernel.org \
    --cc=narmstrong@baylibre.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Next Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-next/0 linux-next/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-next linux-next/ https://lore.kernel.org/linux-next \
		linux-next@vger.kernel.org
	public-inbox-index linux-next

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-next


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git