libceph: fix crypto key null deref, memory leak

(cherry picked from commit f0666b1a) Avoid crashing if the crypto key payload was NULL, as when it was not correctly allocated and initialized. Also, avoid leaking it. Signed-off-by: Sylvain Munaut <tnt@246tNt.com> Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Alex Elder <elder@inktank.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

libceph: fix crypto key null deref, memory leak
(cherry picked from commit f0666b1a) Avoid crashing if the crypto key payload was NULL, as when it was not correctly allocated and initialized. Also, avoid leaking it. Signed-off-by: Sylvain Munaut <tnt@246tNt.com> Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Alex Elder <elder@inktank.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
b8e03e32 · Sylvain Munaut · Greg Kroah-Hartman · 59238927 · b8e03e32 · b8e03e32
Commit b8e03e32 authored Aug 02, 2012 by Sylvain Munaut Committed by Greg Kroah-Hartman Nov 26, 2012
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

net/ceph/crypto.c net/ceph/crypto.c +1 -0

net/ceph/crypto.h net/ceph/crypto.h +2 -1

No files found.
--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -466,6 +466,7 @@ void ceph_key_destroy(struct key *key) {
 	struct ceph_crypto_key *ckey = key->payload.data;

 	ceph_crypto_key_destroy(ckey);
+	kfree(ckey);
 }

 struct key_type key_type_ceph = {

--- a/net/ceph/crypto.h
+++ b/net/ceph/crypto.h
@@ -16,7 +16,8 @@ struct ceph_crypto_key {

 static inline void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
 {
-	kfree(key->key);
+	if (key)
+		kfree(key->key);
 }

 extern int ceph_crypto_key_clone(struct ceph_crypto_key *dst,