crypto: testmgr - Fix potential memory leak in test_akcipher_one()

When the 'key' allocation fails, the 'req' will not be released,
which will cause memory leakage on this path. This patch adds a
'free_req' tag used to solve this problem, and two new err values
are added to reflect the real reason of the error.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index d084de4c60f26f381eb203732cd787d6ce63cd13..21f2878e4e5482201819ebb77def9dac6961329e 100644 (file)
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -3955,7 +3955,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
        key = kmalloc(vecs->key_len + sizeof(u32) * 2 + vecs->param_len,
                      GFP_KERNEL);
        if (!key)
-               goto free_xbuf;
+               goto free_req;
        memcpy(key, vecs->key, vecs->key_len);
        ptr = key + vecs->key_len;
        ptr = test_pack_u32(ptr, vecs->algo);
@@ -3967,7 +3967,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
        else
                err = crypto_akcipher_set_priv_key(tfm, key, vecs->key_len);
        if (err)
-               goto free_req;
+               goto free_key;
 
        /*
         * First run test which do not require a private key, such as
@@ -3977,7 +3977,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
        out_len_max = crypto_akcipher_maxsize(tfm);
        outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
        if (!outbuf_enc)
-               goto free_req;
+               goto free_key;
 
        if (!vecs->siggen_sigver_test) {
                m = vecs->m;
@@ -3996,6 +3996,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
                op = "verify";
        }
 
+       err = -E2BIG;
        if (WARN_ON(m_size > PAGE_SIZE))
                goto free_all;
        memcpy(xbuf[0], m, m_size);
@@ -4062,6 +4063,7 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
                c_size = req->dst_len;
        }
 
+       err = -E2BIG;
        op = vecs->siggen_sigver_test ? "sign" : "decrypt";
        if (WARN_ON(c_size > PAGE_SIZE))
                goto free_all;
@@ -4098,9 +4100,10 @@ static int test_akcipher_one(struct crypto_akcipher *tfm,
 free_all:
        kfree(outbuf_dec);
        kfree(outbuf_enc);
+free_key:
+       kfree(key);
 free_req:
        akcipher_request_free(req);
-       kfree(key);
 free_xbuf:
        testmgr_free_buf(xbuf);
        return err;