linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] gss_krb5: Fix memleak in krb5_make_rc4_seq_num
@ 2020-08-27  8:02 Dinghao Liu
  2020-08-29 15:36 ` J. Bruce Fields
  0 siblings, 1 reply; 3+ messages in thread
From: Dinghao Liu @ 2020-08-27  8:02 UTC (permalink / raw)
  To: dinghao.liu, kjlu
  Cc: Trond Myklebust, Anna Schumaker, J. Bruce Fields, Chuck Lever,
	David S. Miller, Jakub Kicinski, Scott Mayhew, linux-nfs, netdev,
	linux-kernel

When kmalloc() fails, cipher should be freed
just like when krb5_rc4_setup_seq_key() fails.

Fixes: e7afe6c1d486b ("sunrpc: fix 4 more call sites that were using stack memory with a scatterlist")
Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
---
 net/sunrpc/auth_gss/gss_krb5_seqnum.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index 507105127095..88ca58d11082 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -53,8 +53,10 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum,
 		return PTR_ERR(cipher);
 
 	plain = kmalloc(8, GFP_NOFS);
-	if (!plain)
-		return -ENOMEM;
+	if (!plain) {
+		code = -ENOMEM;
+		goto out;
+	}
 
 	plain[0] = (unsigned char) ((seqnum >> 24) & 0xff);
 	plain[1] = (unsigned char) ((seqnum >> 16) & 0xff);
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] gss_krb5: Fix memleak in krb5_make_rc4_seq_num
  2020-08-27  8:02 [PATCH] gss_krb5: Fix memleak in krb5_make_rc4_seq_num Dinghao Liu
@ 2020-08-29 15:36 ` J. Bruce Fields
  2020-08-31 15:27   ` Ard Biesheuvel
  0 siblings, 1 reply; 3+ messages in thread
From: J. Bruce Fields @ 2020-08-29 15:36 UTC (permalink / raw)
  To: Dinghao Liu
  Cc: kjlu, Trond Myklebust, Anna Schumaker, Chuck Lever,
	David S. Miller, Jakub Kicinski, Scott Mayhew, linux-nfs, netdev,
	linux-kernel, Ard Biesheuvel

This code is rarely if ever used, and there are pending patches to
remove it completely, so I don't think it's worth trying to fix a rare
memory leak at this point.

--b.

On Thu, Aug 27, 2020 at 04:02:50PM +0800, Dinghao Liu wrote:
> When kmalloc() fails, cipher should be freed
> just like when krb5_rc4_setup_seq_key() fails.
> 
> Fixes: e7afe6c1d486b ("sunrpc: fix 4 more call sites that were using stack memory with a scatterlist")
> Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
> ---
>  net/sunrpc/auth_gss/gss_krb5_seqnum.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> index 507105127095..88ca58d11082 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> @@ -53,8 +53,10 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum,
>  		return PTR_ERR(cipher);
>  
>  	plain = kmalloc(8, GFP_NOFS);
> -	if (!plain)
> -		return -ENOMEM;
> +	if (!plain) {
> +		code = -ENOMEM;
> +		goto out;
> +	}
>  
>  	plain[0] = (unsigned char) ((seqnum >> 24) & 0xff);
>  	plain[1] = (unsigned char) ((seqnum >> 16) & 0xff);
> -- 
> 2.17.1

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] gss_krb5: Fix memleak in krb5_make_rc4_seq_num
  2020-08-29 15:36 ` J. Bruce Fields
@ 2020-08-31 15:27   ` Ard Biesheuvel
  0 siblings, 0 replies; 3+ messages in thread
From: Ard Biesheuvel @ 2020-08-31 15:27 UTC (permalink / raw)
  To: J. Bruce Fields
  Cc: Dinghao Liu, Kangjie Lu, Trond Myklebust, Anna Schumaker,
	Chuck Lever, David S. Miller, Jakub Kicinski, Scott Mayhew,
	linux-nfs, open list:BPF JIT for MIPS (32-BIT AND 64-BIT),
	Linux Kernel Mailing List

On Sat, 29 Aug 2020 at 18:43, J. Bruce Fields <bfields@fieldses.org> wrote:
>
> This code is rarely if ever used, and there are pending patches to
> remove it completely, so I don't think it's worth trying to fix a rare
> memory leak at this point.
>
> --b.
>

FYI I just submitted v3 of my series removing this code to the
linux-crypto list, and so hopefully it will disappear in v5.10


> On Thu, Aug 27, 2020 at 04:02:50PM +0800, Dinghao Liu wrote:
> > When kmalloc() fails, cipher should be freed
> > just like when krb5_rc4_setup_seq_key() fails.
> >
> > Fixes: e7afe6c1d486b ("sunrpc: fix 4 more call sites that were using stack memory with a scatterlist")
> > Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
> > ---
> >  net/sunrpc/auth_gss/gss_krb5_seqnum.c | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> > index 507105127095..88ca58d11082 100644
> > --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> > +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
> > @@ -53,8 +53,10 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum,
> >               return PTR_ERR(cipher);
> >
> >       plain = kmalloc(8, GFP_NOFS);
> > -     if (!plain)
> > -             return -ENOMEM;
> > +     if (!plain) {
> > +             code = -ENOMEM;
> > +             goto out;
> > +     }
> >
> >       plain[0] = (unsigned char) ((seqnum >> 24) & 0xff);
> >       plain[1] = (unsigned char) ((seqnum >> 16) & 0xff);
> > --
> > 2.17.1

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-08-31 15:27 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-27  8:02 [PATCH] gss_krb5: Fix memleak in krb5_make_rc4_seq_num Dinghao Liu
2020-08-29 15:36 ` J. Bruce Fields
2020-08-31 15:27   ` Ard Biesheuvel

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).