* [PATCH ipsec] xfrm: Fix error reporting in xfrm_state_construct.
@ 2021-06-07 13:21 Steffen Klassert
2021-06-16 6:29 ` Steffen Klassert
0 siblings, 1 reply; 2+ messages in thread
From: Steffen Klassert @ 2021-06-07 13:21 UTC (permalink / raw)
To: netdev
When memory allocation for XFRMA_ENCAP or XFRMA_COADDR fails,
the error will not be reported because the -ENOMEM assignment
to the err variable is overwritten before. Fix this by moving
these two in front of the function so that memory allocation
failures will be reported.
Reported-by: Tobias Brunner <tobias@strongswan.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
net/xfrm/xfrm_user.c | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 5a0ef4361e43..817e714dedea 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -580,6 +580,20 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
copy_from_user_state(x, p);
+ if (attrs[XFRMA_ENCAP]) {
+ x->encap = kmemdup(nla_data(attrs[XFRMA_ENCAP]),
+ sizeof(*x->encap), GFP_KERNEL);
+ if (x->encap == NULL)
+ goto error;
+ }
+
+ if (attrs[XFRMA_COADDR]) {
+ x->coaddr = kmemdup(nla_data(attrs[XFRMA_COADDR]),
+ sizeof(*x->coaddr), GFP_KERNEL);
+ if (x->coaddr == NULL)
+ goto error;
+ }
+
if (attrs[XFRMA_SA_EXTRA_FLAGS])
x->props.extra_flags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]);
@@ -600,23 +614,9 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
attrs[XFRMA_ALG_COMP])))
goto error;
- if (attrs[XFRMA_ENCAP]) {
- x->encap = kmemdup(nla_data(attrs[XFRMA_ENCAP]),
- sizeof(*x->encap), GFP_KERNEL);
- if (x->encap == NULL)
- goto error;
- }
-
if (attrs[XFRMA_TFCPAD])
x->tfcpad = nla_get_u32(attrs[XFRMA_TFCPAD]);
- if (attrs[XFRMA_COADDR]) {
- x->coaddr = kmemdup(nla_data(attrs[XFRMA_COADDR]),
- sizeof(*x->coaddr), GFP_KERNEL);
- if (x->coaddr == NULL)
- goto error;
- }
-
xfrm_mark_get(attrs, &x->mark);
xfrm_smark_init(attrs, &x->props.smark);
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH ipsec] xfrm: Fix error reporting in xfrm_state_construct.
2021-06-07 13:21 [PATCH ipsec] xfrm: Fix error reporting in xfrm_state_construct Steffen Klassert
@ 2021-06-16 6:29 ` Steffen Klassert
0 siblings, 0 replies; 2+ messages in thread
From: Steffen Klassert @ 2021-06-16 6:29 UTC (permalink / raw)
To: netdev
On Mon, Jun 07, 2021 at 03:21:49PM +0200, Steffen Klassert wrote:
> When memory allocation for XFRMA_ENCAP or XFRMA_COADDR fails,
> the error will not be reported because the -ENOMEM assignment
> to the err variable is overwritten before. Fix this by moving
> these two in front of the function so that memory allocation
> failures will be reported.
>
> Reported-by: Tobias Brunner <tobias@strongswan.org>
> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
> ---
Now applied to the ipsec tree.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-06-16 6:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-07 13:21 [PATCH ipsec] xfrm: Fix error reporting in xfrm_state_construct Steffen Klassert
2021-06-16 6:29 ` Steffen Klassert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).