crypto: hmac - fix memory leak in hmac_init_tfm()

[ Upstream commit 7829a0c1cb9c80debfb4fdb49b4d90019f2ea1ac ] When I added the sanity check of 'descsize', I missed that the child hash tfm needs to be freed if the sanity check fails. Of course this should never happen, hence the use of WARN_ON(), but it should be fixed. Fixes: e1354400b25d ("crypto: hash - fix incorrect HASH_MAX_DESCSIZE") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Eric Biggers <ebiggers@google.com> 2019-05-22 22:42:29 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-06-25 06:34:49 +0300
commit: 7348616edde5ea7f98c9b58893e953e228c25a4b (patch)
tree: 0450f8b6b798143769770a4449feeb401a12793d /crypto
parent: 62e5facae8997c6dba85c3e2f9474017f6a9fe05 (diff)
download: linux-7348616edde5ea7f98c9b58893e953e228c25a4b.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 4b8c8ee8f15c..c623778b36ba 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -168,8 +168,10 @@ static int hmac_init_tfm(struct crypto_tfm *tfm)
 
 	parent->descsize = sizeof(struct shash_desc) +
 			   crypto_shash_descsize(hash);
-	if (WARN_ON(parent->descsize > HASH_MAX_DESCSIZE))
+	if (WARN_ON(parent->descsize > HASH_MAX_DESCSIZE)) {
+		crypto_free_shash(hash);
 		return -EINVAL;
+	}
 
 	ctx->hash = hash;
 	return 0;
author	Eric Biggers <ebiggers@google.com>	2019-05-22 22:42:29 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2019-06-25 06:34:49 +0300
commit	7348616edde5ea7f98c9b58893e953e228c25a4b (patch)
tree	0450f8b6b798143769770a4449feeb401a12793d /crypto
parent	62e5facae8997c6dba85c3e2f9474017f6a9fe05 (diff)
download	linux-7348616edde5ea7f98c9b58893e953e228c25a4b.tar.xz