| From 83a775d5f9bfda95b1c295f95a3a041a40c7f321 Mon Sep 17 00:00:00 2001 |
| From: Colin Ian King <colin.king@canonical.com> |
| Date: Fri, 30 Apr 2021 12:37:24 +0100 |
| Subject: KEYS: trusted: Fix memory leak on object td |
| |
| From: Colin Ian King <colin.king@canonical.com> |
| |
| commit 83a775d5f9bfda95b1c295f95a3a041a40c7f321 upstream. |
| |
| Two error return paths are neglecting to free allocated object td, |
| causing a memory leak. Fix this by returning via the error return |
| path that securely kfree's td. |
| |
| Fixes clang scan-build warning: |
| security/keys/trusted-keys/trusted_tpm1.c:496:10: warning: Potential |
| memory leak [unix.Malloc] |
| |
| Cc: stable@vger.kernel.org |
| Fixes: 5df16caada3f ("KEYS: trusted: Fix incorrect handling of tpm_get_random()") |
| Signed-off-by: Colin Ian King <colin.king@canonical.com> |
| Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> |
| Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> |
| Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| security/keys/trusted-keys/trusted_tpm1.c | 8 +++++--- |
| 1 file changed, 5 insertions(+), 3 deletions(-) |
| |
| --- a/security/keys/trusted-keys/trusted_tpm1.c |
| +++ b/security/keys/trusted-keys/trusted_tpm1.c |
| @@ -500,10 +500,12 @@ static int tpm_seal(struct tpm_buf *tb, |
| |
| ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); |
| if (ret < 0) |
| - return ret; |
| + goto out; |
| |
| - if (ret != TPM_NONCE_SIZE) |
| - return -EIO; |
| + if (ret != TPM_NONCE_SIZE) { |
| + ret = -EIO; |
| + goto out; |
| + } |
| |
| ordinal = htonl(TPM_ORD_SEAL); |
| datsize = htonl(datalen); |