| From 268a3334e47b3894e7085cd0cf0c9f95b00261dd Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Fri, 4 Jun 2021 14:30:35 +0800 |
| Subject: crypto: sm2 - fix a memory leak in sm2 |
| |
| From: Hongbo Li <herberthbli@tencent.com> |
| |
| [ Upstream commit 5cd259ca5d466f65ffd21e2e2fa00fb648a8c555 ] |
| |
| SM2 module alloc ec->Q in sm2_set_pub_key(), when doing alg test in |
| test_akcipher_one(), it will set public key for every test vector, |
| and don't free ec->Q. This will cause a memory leak. |
| |
| This patch alloc ec->Q in sm2_ec_ctx_init(). |
| |
| Fixes: ea7ecb66440b ("crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm") |
| Signed-off-by: Hongbo Li <herberthbli@tencent.com> |
| Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| crypto/sm2.c | 24 ++++++++++-------------- |
| 1 file changed, 10 insertions(+), 14 deletions(-) |
| |
| diff --git a/crypto/sm2.c b/crypto/sm2.c |
| index b21addc3ac06..db8a4a265669 100644 |
| --- a/crypto/sm2.c |
| +++ b/crypto/sm2.c |
| @@ -79,10 +79,17 @@ static int sm2_ec_ctx_init(struct mpi_ec_ctx *ec) |
| goto free; |
| |
| rc = -ENOMEM; |
| + |
| + ec->Q = mpi_point_new(0); |
| + if (!ec->Q) |
| + goto free; |
| + |
| /* mpi_ec_setup_elliptic_curve */ |
| ec->G = mpi_point_new(0); |
| - if (!ec->G) |
| + if (!ec->G) { |
| + mpi_point_release(ec->Q); |
| goto free; |
| + } |
| |
| mpi_set(ec->G->x, x); |
| mpi_set(ec->G->y, y); |
| @@ -91,6 +98,7 @@ static int sm2_ec_ctx_init(struct mpi_ec_ctx *ec) |
| rc = -EINVAL; |
| ec->n = mpi_scanval(ecp->n); |
| if (!ec->n) { |
| + mpi_point_release(ec->Q); |
| mpi_point_release(ec->G); |
| goto free; |
| } |
| @@ -386,27 +394,15 @@ static int sm2_set_pub_key(struct crypto_akcipher *tfm, |
| MPI a; |
| int rc; |
| |
| - ec->Q = mpi_point_new(0); |
| - if (!ec->Q) |
| - return -ENOMEM; |
| - |
| /* include the uncompressed flag '0x04' */ |
| - rc = -ENOMEM; |
| a = mpi_read_raw_data(key, keylen); |
| if (!a) |
| - goto error; |
| + return -ENOMEM; |
| |
| mpi_normalize(a); |
| rc = sm2_ecc_os2ec(ec->Q, a); |
| mpi_free(a); |
| - if (rc) |
| - goto error; |
| - |
| - return 0; |
| |
| -error: |
| - mpi_point_release(ec->Q); |
| - ec->Q = NULL; |
| return rc; |
| } |
| |
| -- |
| 2.30.2 |
| |