[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 06/10] crypto: avoid leak of ctx when bad cipher mode is given
From: |
Daniel P . Berrangé |
Subject: |
[PULL 06/10] crypto: avoid leak of ctx when bad cipher mode is given |
Date: |
Mon, 9 Sep 2024 15:16:31 +0100 |
Fixes: Coverity CID 1546884
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/cipher-nettle.c.inc | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc
index 42b39e18a2..766de036ba 100644
--- a/crypto/cipher-nettle.c.inc
+++ b/crypto/cipher-nettle.c.inc
@@ -734,16 +734,19 @@ static QCryptoCipher
*qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
#ifdef CONFIG_CRYPTO_SM4
case QCRYPTO_CIPHER_ALG_SM4:
{
- QCryptoNettleSm4 *ctx = g_new0(QCryptoNettleSm4, 1);
+ QCryptoNettleSm4 *ctx;
+ const QCryptoCipherDriver *drv;
switch (mode) {
case QCRYPTO_CIPHER_MODE_ECB:
- ctx->base.driver = &qcrypto_nettle_sm4_driver_ecb;
+ drv = &qcrypto_nettle_sm4_driver_ecb;
break;
default:
goto bad_cipher_mode;
}
+ ctx = g_new0(QCryptoNettleSm4, 1);
+ ctx->base.driver = drv;
sm4_set_encrypt_key(&ctx->key[0], key);
sm4_set_decrypt_key(&ctx->key[1], key);
--
2.45.2
- [PULL 00/10] Crypto fixes patches, Daniel P . Berrangé, 2024/09/09
- [PULL 01/10] iotests: fix expected output from gnutls, Daniel P . Berrangé, 2024/09/09
- [PULL 02/10] crypto: run qcrypto_pbkdf2_count_iters in a new thread, Daniel P . Berrangé, 2024/09/09
- [PULL 03/10] crypto: check gnutls & gcrypt support the requested pbkdf hash, Daniel P . Berrangé, 2024/09/09
- [PULL 04/10] tests/unit: always build the pbkdf crypto unit test, Daniel P . Berrangé, 2024/09/09
- [PULL 05/10] tests/unit: build pbkdf test on macOS, Daniel P . Berrangé, 2024/09/09
- [PULL 07/10] crypto: use consistent error reporting pattern for unsupported cipher modes, Daniel P . Berrangé, 2024/09/09
- [PULL 06/10] crypto: avoid leak of ctx when bad cipher mode is given,
Daniel P . Berrangé <=
- [PULL 08/10] crypto: Define macros for hash algorithm digest lengths, Daniel P . Berrangé, 2024/09/09
- [PULL 09/10] crypto: Support SHA384 hash when using glib, Daniel P . Berrangé, 2024/09/09
- [PULL 10/10] crypto: Introduce x509 utils, Daniel P . Berrangé, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Peter Maydell, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Michael Tokarev, 2024/09/11