Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 5 Apr 2017 01:46:42 +0000 (UTC)
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r316510 - head/sys/opencrypto
Message-ID:  <201704050146.v351kgJZ093117@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: jhb
Date: Wed Apr  5 01:46:41 2017
New Revision: 316510
URL: https://svnweb.freebsd.org/changeset/base/316510

Log:
  Don't leak a session and lock if a GMAC key has an invalid length.
  
  Reviewed by:	delphij (secteam)
  MFC after:	2 weeks
  Differential Revision:	https://reviews.freebsd.org/D10273

Modified:
  head/sys/opencrypto/cryptosoft.c

Modified: head/sys/opencrypto/cryptosoft.c
==============================================================================
--- head/sys/opencrypto/cryptosoft.c	Wed Apr  5 01:44:03 2017	(r316509)
+++ head/sys/opencrypto/cryptosoft.c	Wed Apr  5 01:46:41 2017	(r316510)
@@ -930,8 +930,11 @@ swcr_newsession(device_t dev, u_int32_t 
 			axf = &auth_hash_nist_gmac_aes_256;
 		auth4common:
 			len = cri->cri_klen / 8;
-			if (len != 16 && len != 24 && len != 32)
+			if (len != 16 && len != 24 && len != 32) {
+				swcr_freesession_locked(dev, i);
+				rw_runlock(&swcr_sessions_lock);
 				return EINVAL;
+			}
 
 			(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
 			    M_NOWAIT);

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201704050146.v351kgJZ093117>