summaryrefslogtreecommitdiff
path: root/include/crypto/hash.h
diff options
context:
space:
mode:
authorArd Biesheuvel <ardb@kernel.org>2021-03-02 23:33:03 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2021-03-12 16:04:01 +0300
commit83681f2bebb34dbb3f03fecd8f570308ab8b7c2c (patch)
treee77d6a6d5d4eb8a24caf9af6241ead46922c34b6 /include/crypto/hash.h
parent98b5ef3e97b16eaeeedb936f8bda3594ff84a70e (diff)
downloadlinux-83681f2bebb34dbb3f03fecd8f570308ab8b7c2c.tar.xz
crypto: api - check for ERR pointers in crypto_destroy_tfm()
Given that crypto_alloc_tfm() may return ERR pointers, and to avoid crashes on obscure error paths where such pointers are presented to crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there before dereferencing the second argument as a struct crypto_tfm pointer. [0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/ Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto/hash.h')
-rw-r--r--include/crypto/hash.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index 13f8a6a54ca8..b2bc1e46e86a 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -281,6 +281,8 @@ static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm)
/**
* crypto_free_ahash() - zeroize and free the ahash handle
* @tfm: cipher handle to be freed
+ *
+ * If @tfm is a NULL or error pointer, this function does nothing.
*/
static inline void crypto_free_ahash(struct crypto_ahash *tfm)
{
@@ -724,6 +726,8 @@ static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm)
/**
* crypto_free_shash() - zeroize and free the message digest handle
* @tfm: cipher handle to be freed
+ *
+ * If @tfm is a NULL or error pointer, this function does nothing.
*/
static inline void crypto_free_shash(struct crypto_shash *tfm)
{