From f1710638edb2e98008c2a733ffda63ef32b50411 Mon Sep 17 00:00:00 2001 From: Longpeng Date: Tue, 7 Nov 2017 19:32:06 +0800 Subject: crypto: afalg: fix a NULL pointer dereference Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with errp=NULL, this will cause a NULL pointer dereference if afalg_driver doesn't support requested algos: ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov, result, resultlen, errp); if (ret == 0) { return ret; } error_free(*errp); // <--- here Because the error message is thrown away immediately, we should just pass NULL to hash_bytesv(). There is also the same problem in afalg-backend cipher & hmac, let's fix them together. Reviewed-by: Eric Blake Reported-by: Paolo Bonzini Signed-off-by: Longpeng Signed-off-by: Daniel P. Berrange --- crypto/cipher.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'crypto/cipher.c') diff --git a/crypto/cipher.c b/crypto/cipher.c index 0aad9d6d79..bcbfb3d5b8 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -164,11 +164,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, { QCryptoCipher *cipher; void *ctx = NULL; - Error *err2 = NULL; QCryptoCipherDriver *drv = NULL; #ifdef CONFIG_AF_ALG - ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2); + ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); if (ctx) { drv = &qcrypto_cipher_afalg_driver; } @@ -177,12 +176,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, if (!ctx) { ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); if (!ctx) { - error_free(err2); return NULL; } drv = &qcrypto_cipher_lib_driver; - error_free(err2); } cipher = g_new0(QCryptoCipher, 1); -- cgit 1.4.1