| From foo@baz Fri Mar 16 15:43:17 CET 2018 |
| From: Pierre <pinaraf@pinaraf.info> |
| Date: Sun, 12 Nov 2017 15:24:32 +0100 |
| Subject: crypto: ecc - Fix NULL pointer deref. on no default_rng |
| |
| From: Pierre <pinaraf@pinaraf.info> |
| |
| |
| [ Upstream commit 4c0e22c90510308433272d7ba281b1eb4eda8209 ] |
| |
| If crypto_get_default_rng returns an error, the |
| function ecc_gen_privkey should return an error. |
| Instead, it currently tries to use the default_rng |
| nevertheless, thus creating a kernel panic with a |
| NULL pointer dereference. |
| Returning the error directly, as was supposedly |
| intended when looking at the code, fixes this. |
| |
| Signed-off-by: Pierre Ducroquet <pinaraf@pinaraf.info> |
| Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| crypto/ecc.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/crypto/ecc.c |
| +++ b/crypto/ecc.c |
| @@ -964,7 +964,7 @@ int ecc_gen_privkey(unsigned int curve_i |
| * DRBG with a security strength of 256. |
| */ |
| if (crypto_get_default_rng()) |
| - err = -EFAULT; |
| + return -EFAULT; |
| |
| err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)priv, nbytes); |
| crypto_put_default_rng(); |
